Sophie Cotsis demands improved cyber security and digital access

Labor says the Government must urgently address cyber security and access issues after it re-announced funding to digitise services in the upcoming budget.

The Government confirmed it will spend $700 million in this budget to expand digital capabilities across agencies and departments. However, the Shadow Minister for Better Public Services Sophie Cotsis said more pressing issues need to be addressed.

READ MORE: Sophie Cotsis demands action over Service NSW cyber attack which saw 3.8 million documents stolen
READ MORE: Sophie Cotsis MP: Dominello must take responsibility for massive cyber theft from Service NSW

“Digitisation is important for access but the Government needs to fix the terrible mobile services and telecommunications issues that are common in regional and rural NSW,” Ms Cotsis said.

“In some lower socio-economic suburbs only 30% of people have access to technology or Wi-Fi and rely on a McDonald’s or Westfield shopping centre for connectivity.

“And in bushfire-ravaged communities, the Government still has a lot of work to do.”

A 2018 report from the Auditor-General repeatedly warned that Government agencies were grossly ill-prepared for cyber attacks and recommended urgent cyber security measures should be implemented.

In a 2020 report on local government, the Auditor-General found: 

• 80% of councils do not have formal cyber security policy / framework;
• 46% of councils have not included the threat of cyber attacks in their risk register. 

“There are a number of issues that need to be addressed and re-announcing funds isn’t going to get them sorted,” Ms Cotsis added.

The move to further digitise state systems comes just months after cyber criminals stole 3.8 million documents, including health records, legal information and finances from Service NSW.

Ms Cotsis was among the 186,000 people whose personal information was stolen.

“The Government is talking about learning the lessons from COVID-19. I hope they’ve learnt their lesson from the recent Service NSW data breach,” she said.

“It is critical to ensure sensitive information is safeguarded at every step of this rollout. This is the Government’s responsibility and it must be taken seriously.

“The Government said the attack occurred because Service NSW did not use multi-factor authentication for staff log-ins, which means the NSW Government has not been following guidance from the Australian Cyber Security Centre. This is among many issues that must be urgently addressed.”

At the recent cybersecurity inquiry, witnesses raised concerns about the Government’s lack of cybersecurity framework and preparedness. The inquiry is ongoing.