Report purpose
This plan has been endorsed by the State Crisis and Resilience Council (SCRC) as a sub-plan to the State Emergency Management Plan (SEMP). The plan outlines the arrangements for managing cyber security emergencies in Victoria.
As the control agency for cyber security, the Department of Government Services (DGS) has prepared and is responsible for the review and updated of this Sub-Plan.
Contents
Introduction
- Whole of Victorian Government Cyber Security Event, Incident & Emergency Categories
- Early Response Summary
- Publication information
- Acronyms
- Version
- Acknowledgment of Country
- Plan Activation
State Emergency Management Plan Cyber Security Sub-Plan
- Our Collective Cyber Security Vision
- Shared Responsibility
- About this Plan
- Audience
- This Plan is a part of Victoria’s Cyber Security Management Framework
Introduction to Cyber Security Arrangements
- Defining ‘cyber security emergency’
- Cyber Security as a State Significant Risk
- Guiding Principles
Victoria’s Cyber Defence Centre
Cyber Security Emergency Mitigation
- Threat intelligence
- Improving cyber security maturity
- Community and industry awareness and engagement
Cyber Security Emergency Preparedness (Identify, Protect and Detect)
- Identify cyber security risk
- Protect from cyber security risk
- Maintain and exercise plans and arrangements
- Detection
Cyber Security Emergency Response
- Analysis
- Notification
- Classification
- Control
- Class 2 State Control Team – Cyber Security
- Transfer of Control where there are significant consequences
- Transfer of Control where the cyber security emergency is a suspected criminal act
- Control Centre
- Controlling Victorian consequences of a National Cyber Security Incident or Emergency
- Managing a Cyber Security Emergency with other concurrent Class 1 or 2 emergency/ies
- Coordination and ongoing engagement
- Media and public communication
- Technical Response, including Containment and Eradication
- Consequence management
- Relief
- National Cyber Security Incident
Cyber Security Emergency Recovery
- Stand Down
Lessons and Evaluation
Appendices
- Appendix A – Acronyms
- Appendix B – Common sources of cyber security compromise
- Appendix C– Sector Resilience Networks
- Appendix D – State Emergency Management Priorities
- Appendix E – Summary of Threat Intelligence Products
- Appendix F - Frameworks for cyber security maturity
- Appendix G – Useful steps in confirming the presence of a cyber security incident
- Appendix H – Contact details of key stakeholder agencies
- Appendix I - Comparison of Whole of Victorian Government Cyber Security Incident Categories with Business Impact Levels
- Appendix J – Summary of AIIMS functions
- Appendix K – Demonstrating linkages with the Victorian Preparedness Framework
Documents
These link(s) will open in a new browser window.
Date of Publication
You may need Adobe® Acrobat® Reader or Libre Office to view the document(s) on this page.
Get Adobe® Acrobat® Reader (External link)
Get Libre Office (External link)
If you would like to receive this publication in a more accessible format, you can request it via our feedback form.
The department acknowledges Aboriginal and Torres Strait Islander people as the Traditional Custodians of the land and acknowledges and pays respect to their Elders, past and present.