Credit: Photo 174525397 © Rpianoshow | Dreamstime.com
The NSW government’s Powerhouse Museum is on the hunt for a consultant to help upgrade its cyber security standing.
Falling under the umbrella of the Museum of Applied Arts and Sciences (MAAS), the Powerhouse was first established in 1879 as the Technological, Industrial and Sanitary Museum of New South Wales and now contains a collection of over 500,000 objects.
As part of the Museum’s overall renewal project featuring the new establishment at Powerhouse Paramatta, the renewal of Powerhouse Ultimo, the expansion of Powerhouse Castle Hill, the digitisation of its collection and the ongoing operation of Sydney Observatory – the state government is also looking to modernise its cyber security standing.
According to a request for tender (RTF), the government is looking to achieve compliance with ISO27001.
It also wishes to achieve high-tier maturity in “all areas of cyber security resilience”, which includes reaching either maturity level two or three in the federal government’s Australian Cyber Security Centre (ACSC)’s Essential 8’s model, as well as reaching the fourth to fifth level of the NSW government’s Mandatory 25 model.
The initiative is expected to start soon, with an estimated start time within the second quarter of this year and a project length of 18 to 24 months.
The RFT is open from now until April 7.
MAAS’ move to up its cyber security stance comes months after NSW government agencies were urged to lift their cyber security compliance following the release of a report from the Audit Office of NSW in October 2021.
The report from the NSW Auditor General assessed nine agencies — none of which included MAAS — and their compliance with the NSW Cyber Security Policy (CSP) to 30 June 2020, identifying “non-compliance and significant weaknesses against the government’s policy”.
Read more: Game Masters coming to Powerhouse Museum
“The poor levels of cyber security maturity are a significant concern,” the report said.
However, none of the agencies covered by the report — Department of Premier and Cabinet; Department of Communities and Justice; Department of Customer Service; Department of Education; Department of Planning, Industry and Environment; Department of Regional NSW; Ministry of Health; Treasury and Transport for NSW — had implemented all of the Essential 8 controls to at least level one.
