ALL >> Computers >> View Article
Australian Auditors Identify Lapses In Information Security Practices In Government Agencies
The ongoing WikiLeaks exposure, frequent cyber-attacks and data breach incidents have forced governments worldwide to initiate measures to improve cyber security. WikiLeaks continues to leak sensitive diplomatic cables and classified information causing embarrassment for several governments worldwide. Recently, the Australian National Audit Office (ANAO) identified lapses in information security practices of government departments. The audit identified that the Department of the Prime Minister and the Cabinet allowed the staff to access free e-mail services such as those of Gmail and Hotmail. The audit recommended ban on use of free e-mail services in government departments and agencies as they may serve as threat vectors for attacks on computer systems and networks.
Attackers may use social engineering and other sophisticated techniques to extract privileged information from employees. They may install malware designed to gather confidential data on computer systems by luring employees to download malicious attachments. They may send cleverly crafted e-mails, which could lead to inadvertent disclosure of financial and ...
... non-financial data pertaining to the government departments and human resources. Leakage of such information may have adverse financial and strategic implications for the government.
Cyber-attacks on government departments may be caused by rival intelligence agencies, anti-national forces and cybercriminals. The motive behind such attacks may be to upstage targeted country through information warfare or extract sensitive information for cyber espionage. Online university degree programs on cyber security and other security certifications may help working IT professionals to keep them abreast of evolving threats and best IT security practices.
Usually, IT professionals qualified in masters of security science and penetration testing evaluate the security of the IT infrastructure. In this case, security professionals of the audit office evaluated the security practices. The audit also revealed use of weak passwords in government departments and agencies. Brute force techniques were applied to test the password practices. Twenty percent of the passwords at three separate departments were compromised in the tests including those with administrative accounts.
The auditors recommended review of password practices in all departments and agencies. Security briefs, training sessions, online degree programs on cyber security and e-learning may enable employees to understand and adhere to cyber security tips and improve the IT security scenario of the departments. Passwords must be strong, unpredictable and must have combination of upper and lower case characters. Employees must use different passwords for different user accounts.
Add Comment
Computers Articles
1. 00al556 Ibm 550-watts Platinum Power Supply For X3650 M4: Reliable And Energy-efficient Power For Enterprise ServersAuthor: Server Tech Central
2. Iot Identity And Access Management (iam) Market : Driving Secure Innovation In Connected Ecosystems
Author: Umangp
3. Why Should You Plan Blinkit Onboarding Before Market Expansion And How Can Zane Marketing Help You Grow Faster
Author: Zane Marketing
4. Customer Identity And Access Management (ciam) Market : Strengthening Security And Customer Trust
Author: Umangp
5. How To Start Your Website Redesign Project?
Author: brainbell10
6. Sap Compliance In Manufacturing: Closing The Gaps Grc Leaves Behind
Author: Mansoor Alam
7. Speech Analytics Market : Unlocking Actionable Insights From Customer Conversations
Author: Umangp
8. Data Preparation Tools Market: How Ai And Cloud-based Solutions Are Transforming Modern Data Workflows
Author: Umangp
9. How To Setup And Create Instagram Ads?
Author: brainbell10
10. Why Digital Business Cards Are The Future Of Professional Networking
Author: WhyTap
11. End To End Sataware Product Development Is The Process Of Identifying Market Opportunities To Hire Flutter Developer, Connecting User Needs And Requir
Author: brainbell10
12. Dynamics Nav To Business Central Upgrade Guide
Author: brainbell10
13. Data Governance Framework: Building Trust In The Digital Age
Author: Umangp
14. A Complete Guide To Dynamics 365 Warehouse Management
Author: brainbell10
15. Conversational Ai In Intelligent Contact Centers: Market Outlook And Future Growth To 2028
Author: Umangp






