Local Government Cybersecurity Improvement Programme
Raising the bar on Local Government cybersecurity
Cybersecurity has never been more important to local government than it is today. The cost of cybercrime is in the millions of dollars per quarter. Attacks by cybercriminals involving identity theft, exfiltration of information and extortion using ransomware and other techniques are occurring all around the world at unprecedented levels.
ALGIM's role involves creating opportunities and sharing knowledge to enable local government to thrive in an interconnected world and exploit the digital paradigm, however at the same time, organisational information and citizens’ personal information has become an internationally valuable commodity. One of ALGIM’s goals is to take a proactive approach and make a positive impact on the overall cybersecurity status of New Zealand Councils.
In conjunction with SAM for Compliance Ltd, ALGIM has defined a pragmatic cybersecurity framework specific to local government and based around the CIS Controls, that gives Councils the ability to manage and reduce organisational cybersecurity related risk. The objectives of the ALGIM Local Government Cybersecurity Improvement Programme are:-
- Promoting excellence and cybersecurity best practice within Local Government
- Rewarding achievement and improvement in Local Government cybersecurity
- Identifying opportunities for training and awareness to improve cybersecurity knowledge within Local Government
- Benchmarking Local Government cybersecurity
Councils participating in the programme are able to identify whether they are above or below average as compared to their peers. ALGIM is able to identify areas where Councils are struggling to make headway and offer tailored workshops and training to assist if needed.
As part of the programme, Councils that demonstrate defined levels of achievement and improvement will receive awards at the ALGIM annual conference. The most improved small, medium and large Council is recognised each year and awarded at the ALGIM annual awards ceremony. Councils are also recognised for achievement based on a three tier structure - Levels 1 to 3.
To Register your interest, or sign up to the ALGIM Local Government Cybersecurity please click on the buttons below
NEW ZEALAND GOVERNMENT CYBERSECURITY
MANAGE, TRACK AND REPORT IN REAL TIME, AND DEMONSTRATE COMPLIANCE WITH NZISM USING SAM for COMPLIANCE
The New Zealand Information Security Manual (NZISM) is the New Zealand Government's manual on information assurance and information systems security.
The NZISM is a practitioner’s manual designed to meet the needs of agency information security executives as well as vendors, contractors and consultants who provide services to agencies. It includes minimum technical security standards for good system hygiene, as well as providing other technical and security guidance for government departments and agencies to support good information governance and assurance practices.
The NZISM, while intended primarily for the use of government departments and agencies, and their service providers, will be equally useful for Crown Entities, Local Government bodies and private sector organisations.
SAM-NZISM includes approximately 1,690 controls relevent to the 'All Classifications' category and specifically excludes Secret and Top Secret.
AUSTRALIAN GOVERNMENT CYBERSECURITY
MANAGE, TRACK AND REPORT IN REAL TIME, AND DEMONSTRATE COMPLIANCE WITH AGISM USING SAM for COMPLIANCE
The purpose of the Australian Government Information Security Manual (ISM) is to outline a cyber security framework that organisations can apply, using their risk management framework, to protect their information and systems from cyber threats.
The ISM is intended for Chief Information Security Officers (CISOs), Chief Information Officers, cyber security professionals and information technology managers.
The ISM represents the considered advice of the Australian Cyber Security Centre (ACSC) within the Australian Signals Directorate (ASD). This advice is provided in accordance with ASD’s designated functions under paragraph (1)(ca) of section 7 of the Intelligence Services Act 2001. The ISM contains various cyber security guidelines. These guidelines cover governance, physical security, personnel security, and information and communications technology security as they relate to the protection of information and systems.
SAM-AGISM has been designed to represent the sections and sub-sections within the ISM and consists of 6 function areas, 22 categories, 380 workplans and 843 controls.
ACSC ESSENTIAL EIGHT (Aus)
The Australian Signals Directorate’s Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies, in the form of the Strategies to Mitigate Cyber Security Incidents, to help organisations mitigate cyber security incidents caused by various cyber threats. The most effective of these mitigation strategies are known as the Essential Eight.
The Essential Eight framework within SAM for Compliance has three function levels, 8 categories representing the Essential Eight maturity areas and 8 workplans containing 47 controls. Each control has been assigned a level in accordance with the maturity model. All three levels must be fully achieved to attain full compliance.
CYBERSECURITY CONSULTING IN GOVERNMENT AND LOCAL GOVERNMENT
Our Consultants can provide a variety of cybersecurity related consulting and audit services to this sector. Click on the buttons below find out more.