Programs and initiatives
Cyber Security NSW leads strategic cyber security initiatives to improve the cyber resilience of the NSW Government.
Self-reported losses due to business email compromise (BEC) cost Australia over $98 million in the 2021-2022 financial year, an increase of nearly 15 per cent from the previous financial year. It is estimated that the majority of BEC financial losses are not reported.
To ensure the NSW Government remains a trusted sender of emails and to reduce the risk of cybercriminals impersonating our agencies, Cyber Security NSW has rolled out a domain-based message authentication, reporting and conformance (DMARC) tool to all agencies and local councils.
DMARC authentication only allows authorised individuals to send emails using the legitimate NSW Government domain, ‘nsw.gov.au’. This is just one of many steps the NSW Government is taking to protect our community from cyber threats and control email fraud across NSW Government email domains.
Watch the video below or email firstname.lastname@example.org to find out more:
Capture-the-flag (CTF) events are competitions designed to challenge participants to solve computer security problems to capture or defend computer systems. Cyber Security NSW and the NSW Government’s CTF team, TahSec, develop and run the annual NSW Government CTFs, which are beginner-friendly and open to all Australian government staff. This competition builds participants’ understanding of and skills in cyber security.
Cyber Security NSW is working with the Information and Privacy Commission NSW (IPC) to implement the Mandatory Notification of Data Breach Scheme, which will require agencies to provide notifications to affected individuals in the event of an eligible data breach of their personal or health information by a NSW public sector agency or state-owned corporation subject to the Privacy and Personal Information Protection Act 1998.