Online security

In this era of ever changing and persistent cyber threats, the City of Cockburn, Western Australia, is about half way towards achieving international certification for ISO 27001.

ISO 27001 is the leading international standard for information security, published by the International Organization for Standardization (ISO), in partnership with the International Electrotechnical Commission.

As part of the Council’s Cyber Security Plan, a dedicated Cyber Security Officer joined Cockburn’s Information Services team in May 2019.

Elliot Tempest said the City recorded a 33 percent increase in cyber security compliance, from staff, to equipment, policy and procedures, based on ISO 27001 during 2019-20.

“Some of the achievements to date include implementing regular and ongoing cyber security training for about 1000 staff at all levels of the organisation, and multi-factor authentication for staff who access the City’s server remotely.

“The multi-factor authentication was a key cyber security achievement and it was implemented before COVID-19 hit, which gave the organisation great peace of mind as more than 90 percent of City staff began working from home.   

“We also have partnerships with the Australian Government’s Joint Cyber Security Centre (JCSC) and the Australian Competition and Consumer Commission’s Scamwatch.”

Mr Tempest’s role is quite rare in Western Australian local government circles, but despite the lack of peers, he has a weekly threat briefing with the Perth node of the JCSC as part of an information sharing agreement.

“Protecting the security and integrity of our customers’ confidential information, and who can rightfully access it, is a responsibility the City of Cockburn takes very seriously.

“Adopting Information Security Management Systems (ISMS) means the City has a best-practice, internationallyrecognised organisation-wide method of securing personal information in a way that can be regularly audited and updated as protection methods and threats evolve.”