National Data Commissioner Update - October 2022
October was Cybersecurity Awareness Month. Along with the Secretary for Home Affairs and others, I participated in “Cyber Collaborate, The Australian Cyber Security Conference”. Recent high-profile data breaches have underscored the need for all organisations – Australian Government agencies and other Data Scheme participants included – to ensure they have robust data management and governance arrangements, as well as the skills and capability to ensure the privacy, protection and appropriate use of data. These are the best practices underpinning in the DATA Scheme.
Keeping data safe
The essentials for best practice data management and governance include:
- knowing what data you hold
- protecting that data with the right privacy, cyber and other data security settings, utilising available resources (for example Australian Government Agencies Privacy Code, Protective Security Policy Framework, the Information Security Manual, the essential 8, ISO-27001)
- being able to quickly detect and respond to incidents to minimise the impact – how fast you detect and respond to a breach matters.
Privacy and security arrangements are not set and forget. Cyber threats are both constant and evolving. As data custodians and stewards of the DATA Scheme, Australian Government agencies and DATA Scheme participants must be ever-vigilant. By implementing best practice data management we can reduce the number and impact of data breaches and build community trust and confidence. This is key to realising the full value of the data you hold. It’s good for your organisation and benefits Australians.
Here’s the Home Affairs Secretary, Michael Pezzullo’s opening comments at the Cyber Security Conference and Senator the Hon Katy Gallagher’s speech on APS Reform. Both show data and digital capability are integral.
Another highlight from the Institute of Public Administration Australia’s annual conference this month was the Finance Secretary’s panel session with Commonwealth Bank CEO, Matt Comyn where he spoke about cybersecurity, saying organisations “don’t rise to the occasion, they fall to their level of preparedness”. Finance Secretary, Jenny Wilkinson said it was important to test our cyber security settings. For the 2021 Census, the Australian Bureau of Statistics worked with the Australian Cyber Security Centre and others to conduct more than 20 large scale penetration testing exercises.
Launch of new Dataplace services
Today, we are launching the data request and data sharing agreement service on Dataplace. This means data users can now use Dataplace to request Australian Government data. Australian Government agencies can use Dataplace to assess and respond to requests. Both parties can use Dataplace to collaborate on a data sharing agreement. We welcome your feedback on the first release of this service as we continue to rollout functionality on Dataplace. Register now to attend an information session on how to use Dataplace to request data and create a data sharing agreement.
Look out for our draft guidance for Australian Government agencies on recovering the costs of data sharing under the DATA Scheme. We will be releasing it on our website for comment soon.