Reduce Your Cyber Security Risk

How you can address the recommendations in the QAO Audit Report

Reduce Your Cyber Security Risk

Back
Published
18th March 2024

By Patricia Paolini, Business Development Manager, Peak Training

The Queensland Audit Office’s Local Government 2023 report has identified cyber security as a serious risk for Queensland councils.

The report identified 66 weaknesses in how council secure their information and as cyber threats increase in number and sophistication, they recommend the following:

  • Address weaknesses in information systems,
  • Ensure staff remain vigilant to detect and mitigate threats, prevent human errors, and adapt to evolving cyber risks, and
  • Implement mandatory cyber security training for their staff annually.

Book your cyber security training

In our continued response to the QAO audit, Peak Services Training provides cyber awareness training options for all councils at all levels.

Session dates are available throughout March 2024 and onwards, and council “groups/all staff” are encouraged to attend one or all of the following cyber security courses.

Cyber Security Fundamentals (Training 2024)   Links Masterclass (Training 2024)   Cyber Shield Quiz (Training Mar 2024)

The QAO recommends yearly Cyber Training

Extracts from the QAO Report

QAO Recommendation

  • Councils should conduct mandatory cyber security awareness training (Ideally every 12 months)

  • Councils need to develop and implement mandatory cyber security awareness training for all staff, to be completed during induction and at regular periods during employment.

This should include:

  • Delivering targeted training to higher-risk user groups, such as senior management, staff who have access to sensitive data, software developers, system administrators, and third-party providers

  • Recording and monitoring whether all staff have completed their required cyber security awareness training

  • Conducting campaigns to test the adequacy of staff vigilance to risks, such as phishing (fraudulent emails) and tailgating (following a person into an office), so entities can assess and improve their awareness programs.

“So far this year, we identified 66 new weaknesses in how councils secure their information systems. As cyber security threats increase in number and sophistication, councils must promptly address any weaknesses in their information systems. Councils need to make sure their staff remain vigilant to detect and mitigate threats, prevent human errors, and adapt to evolving cyber risks. There are 17 councils (24%) that have still not developed and implemented mandatory cyber security training for their staff as we recommended 3 years ago.

 

Book your cyber security training

Book your cyber training now to mitigate the high risks to your council and to meet the requirements of the QAO Report. 

Contact Patricia Paolini directly to discuss your Cyber program dates and times | M 0407 966 716 E ppaolini@wearepeak.com.au

 

 

Subscribe to our news via email

* indicates required