Cyber security threat
Cyber security incidents are a serious threat to Victorians. They happen more often and are more complex than ever before.
It is no longer a case of ‘if’ but ‘when’ a cyber security incident will occur. The Victorian Government needs to plan to protect Victorians.
Victoria’s cyber security plans
Responding to cyber security compromises across all levels of severity requires different plans. All plans work together. Each plan focuses on a different audience and covers the different severities of cyber security compromise:
The Department of Government Services has prepared a plan that covers cyber security emergencies. That is the State Emergency Management Plan Cyber Security Sub-Plan. The State Crisis and Resilience Council approved it on 29 November 2023. It is published on the Emergency Management Victoria website.
The Department of Government Services also leads the state’s cyber security incident arrangements. The Department of Government Services has prepared the Cyber Security Incident Management Plan in consultation with other government stakeholders. The State Crisis and Resilience Council approved it on 10 October 2024.
It covers the 3 types of non-emergency cyber security incidents which need a Whole of Victorian Government response. These include limited, major and critical cyber security incidents.
Each department and agency is responsible for how it responds to an incident. Each has its own internal plan. The Department of Government Services maintains an optional Cyber Security Incident Response Plan template to help public sector agencies prepare their own internal plans. Cyber security incident response plans work alongside the Cyber Security Incident Management Plan and State Emergency Management Plan Cyber Security Sub-Plan.
Audience of the Cyber Security Incident Management Plan
This Cyber Security Incident Management Plan is primarily written for Victorian departments and government agencies to use. In this plan, the term ‘departments and government agencies’ covers:
- public service bodies, including all Victorian Government departments
- government agencies
- public entities
- special and exempt bodies
- public sector infrastructure owners and operators.
Victoria’s councils are encouraged to adopt the plan. Industry and suppliers are encouraged to be familiar with the plan, as it will inform how to work with the Victorian Government during incidents. All other stakeholders can consider the plan to see how it might be useful in setting out internal roles and responsibilities.
Download the Victorian Government Cyber Security Incident Management Plan
Download an optional Cyber Security Incident Response Plan template
Victoria’s Cyber Security Incident Management Plan (CSIMP) and State Emergency Management Plan Cyber Security Sub-Plan require every department and government agency to have a Cyber Security Incident Response Plan (CSIRP). The Department of Government Services (DGS) has made this optional CSIRP template, which entities may choose to use to help them prepare their own CSIRP. Councils, contracted service providers, private industry and other stakeholders may also consider this template.
Using this CSIRP template is an optional starting point—it gives ideas, but each entity has to make its own plan that fits its own needs. Every entity is different, so it must change the template to match its own people, resources, governance, processes and systems. It may choose to not use this template, use another template, or start from scratch.
An effective CSIRP is evidence of a strong planning process. Just filling in the template without thinking it through will not make a good plan. A good plan comes from careful thinking and talking with your teams. The template can help, but it cannot replace real planning.
Contact Us
Public sector agencies that need help responding to a cyber security incident can contact the Cyber Incident Response Service: