Government Cybersecurity Reporting: A Cause for Concern
A recently published report from the Australian government highlights a troubling trend in cybersecurity reporting among federal entities. The findings reveal that the vast majority are failing to report cyber incidents to the Australian Signals Directorate (ASD), which raises significant security concerns and may lead to compliance issues.
Low Incident Reporting Rates
According to the annual Commonwealth cybersecurity posture report, only 35% of federal government entities reported at least half of the cybersecurity incidents they encountered during the 2024–25 financial year. While this figure is an improvement from 32% in the previous year, it remains alarmingly low. This lack of reporting persists even as the ASD responded to 408 cyber incidents across government agencies, accounting for one-third of all cybersecurity events managed nationwide.
Impact on Incident Mitigation
The ASD has expressed concerns regarding the continuous low reporting rates. They noted, “The percentage of entities reporting cybersecurity incidents to ASD remained low.” This shortfall in reporting diminishes the ASD’s ability to assist entities in managing and mitigating the effects of cyber incidents. The disconnect is particularly notable given that 62% of these entities have reported communicating at least 80% of incidents to their senior executives, suggesting that information is not consistently reaching the ASD.
Notifications from the ASD
In 2025, the ASD actively alerted government agencies about malicious cyber activities on 233 occasions based on its monitoring efforts. However, the reasons behind the infrequent reporting from agencies remain unclear. Under the Protective Security Policy Framework (PSPF), non-corporate Commonwealth entities are mandated to report significant or externally reportable incidents to the ASD. One possible explanation for the low reporting rates might be that many agencies categorize numerous low-impact incidents as non-reportable.
Closing the Reporting Gap
The current situation poses a significant challenge for ensuring robust cybersecurity within government entities. The disparity between the number of incidents reported to senior management and those communicated to the ASD suggests a gap in understanding or prioritizing reporting protocols. As cyber threats continue to evolve in sophistication and frequency, it is crucial that government bodies recognize the importance of maintaining robust communication channels with the ASD.
This underreporting not only compromises the security stance of individual agencies but also weakens the country’s overall cybersecurity framework. Cyber threats are on the rise, and timely reporting is essential for effective threat mitigation and response.
In light of these challenges, there is an urgent need for government entities to enhance their internal reporting practices. By fostering a culture of transparency surrounding cybersecurity incidents and ensuring adherence to reporting protocols, agencies can significantly improve their defensive posture against cyber threats.
Encouraging Thorough Reporting
Innovative strategies for enhancing cybersecurity incident reporting could involve increasing awareness and providing training sessions for government personnel. Emphasizing the importance of timely and accurate reporting within the broader context of national security might encourage more entities to take their reporting responsibilities seriously.
As cybersecurity risks continue to proliferate, it is critical for the Australian government to address these reporting gaps effectively. Strengthening communication between federal entities and the ASD will play a vital role in building a more resilient cybersecurity framework, ultimately helping protect sensitive data and national interests from evolving cyber threats.
