Last month the Victorian Government released its Cyber Incident Management Plan (Plan).
The Plan applies to all Victorian Public Sector bodies (Victorian Government organisations), and details the responsibilities of Victorian Government organisations in managing cyber incidents.
While not mandatory for local government, councils are encouraged to adopt the Plan.
Broadly, the Plan contains requirements about the following cyber incident issues:
- Cyber incident preparation
- Threat detection and analysis
- Cyber incident notifications
- Additional Notifications
The Plan does not replace an organisation’s existing information security plans, policies and procedures. Rather, the existing documents should be updated to align with the Plan.
As councils continue to adopt cloud computing their exposure to cyber incidents will increase. Alignment of council policies with the Plan should better prepare councils in responding and managing cyber incidents and assist councils in creating a trusted and secure cyber environment.
A copy of the Plan is available here. Will your Council’s IT policies need to be updated to align with the Plan?
|Mark Hayes | Partner
61 3 9258 3533