属实

评分: 6.5/10

报告问题
Coalition
C0355

声明内容

“多个部门未能遵守强制性的'四大'网络安全策略。”
网络安全 科技
原始来源: Matthew Davis

原始来源

事实核查

gāi gāi 声明shēng míng shēng míng ** * ** * zài zài 事实上shì shí shàng shì shí shàng 基本jī běn jī běn 准确zhǔn què zhǔn què ** * ** *
The claim is **substantially factually accurate**.
 澳大利亚ào dà lì yà ào dà lì yà 国家审计署guó jiā shěn jì shǔ guó jiā shěn jì shǔ ANAOANAO ANAO zài zài 20162016 2016 -- - 1717 17 zhì zhì 20202020 2020 -- - 2121 21 年间nián jiān nián jiān 进行jìn xíng jìn xíng de de 多次duō cì duō cì 严格yán gé yán gé de de 绩效jì xiào jì xiào 审计shěn jì shěn jì 记录jì lù jì lù 显示xiǎn shì xiǎn shì zài zài CoalitionCoalition Coalition 政府zhèng fǔ zhèng fǔ 任期rèn qī rèn qī nèi nèi 多个duō gè duō gè 联邦lián bāng lián bāng 部门bù mén bù mén 普遍存在pǔ biàn cún zài pǔ biàn cún zài 遵守zūn shǒu zūn shǒu 强制性qiáng zhì xìng qiáng zhì xìng "" " 四大sì dà sì dà "" " 网络安全wǎng luò ān quán wǎng luò ān quán 策略cè lüè cè lüè de de 情况qíng kuàng qíng kuàng [[ [ 11 1 ]] ] [[ [ 22 2 ]] ] [[ [ 33 3 ]] ]
Multiple rigorous Australian National Audit Office (ANAO) performance audits conducted between 2016-17 and 2020-21 documented widespread non-compliance with the mandatory "Top 4" cyber security strategies across multiple Commonwealth departments during the Coalition government's tenure [1][2][3].
 "" " 四大sì dà sì dà "" " 策略cè lüè cè lüè shì shì 保护性bǎo hù xìng bǎo hù xìng 安全ān quán ān quán 政策zhèng cè zhèng cè 框架kuāng jià kuāng jià PSPFPSPF PSPF 1010 10 hào hào 政策zhèng cè zhèng cè xià xià de de 强制性qiáng zhì xìng qiáng zhì xìng 要求yāo qiú yāo qiú 包括bāo kuò bāo kuò
The "Top 4" strategies are mandatory requirements under Policy 10 of the Protective Security Policy Framework (PSPF) and consist of: - Application Whitelisting - Application Patching - Operating System Patching - Restricting Administrative Privileges [4] **Documented non-compliance included:** The 2016-17 ANAO Cybersecurity Follow-up Audit examined three major departments (Australian Taxation Office, Department of Home Affairs/Immigration, and Department of Human Services) and found that only 1 of 3 (33%) was compliant with the Top 4 strategies [1].
 -- - 应用程序yìng yòng chéng xù yìng yòng chéng xù 白名单bái míng dān bái míng dān
The Department of Home Affairs specifically allowed over 1,400 users to bypass application whitelisting controls and had substantial security patching failures on large numbers of servers [1][2].
 -- - 应用程序yìng yòng chéng xù yìng yòng chéng xù 补丁bǔ dīng bǔ dīng 管理guǎn lǐ guǎn lǐ
The 2020-21 ANAO Cyber Security Strategies audit examined seven non-corporate Commonwealth entities and found **zero of seven (0%) were fully compliant** with all Top 4 requirements [3].
 -- - 操作系统cāo zuò xì tǒng cāo zuò xì tǒng 补丁bǔ dīng bǔ dīng 管理guǎn lǐ guǎn lǐ
Examined agencies included: Department of Prime Minister and Cabinet, Attorney-General's Department, Australian Trade and Investment Commission, Department of Health, IP Australia, National Archives of Australia, and Geoscience Australia [3].
 -- - 限制xiàn zhì xiàn zhì 管理权限guǎn lǐ quán xiàn guǎn lǐ quán xiàn [[ [ 44 4 ]] ]
Notably, PM&C self-reported full compliance while ANAO found only 3 of 4 strategies actually implemented [3].
 ** * ** * 记录jì lù jì lù de de 合规hé guī hé guī 情况qíng kuàng qíng kuàng 包括bāo kuò bāo kuò ** * ** *
By 2021-22, the Attorney-General's Department PSPF Assessment Report indicated that **76% of government entities reported not fully implementing Policy 10 requirements**, the mandatory baseline cyber security controls [5].
 20162016 2016 -- - 1717 17 年度nián dù nián dù ANAOANAO ANAO 网络安全wǎng luò ān quán wǎng luò ān quán 跟踪gēn zōng gēn zōng 审计shěn jì shěn jì 审查shěn chá shěn chá le le 三个sān gè sān gè 主要zhǔ yào zhǔ yào 部门bù mén bù mén 澳大利亚ào dà lì yà ào dà lì yà 税务局shuì wù jú shuì wù jú 内政部nèi zhèng bù nèi zhèng bù // / 移民部yí mín bù yí mín bù 人类rén lèi rén lèi 服务部fú wù bù fú wù bù 发现fā xiàn fā xiàn 33 3 部门bù mén bù mén zhōng zhōng 只有zhǐ yǒu zhǐ yǒu 11 1 33%33% 33% 遵守zūn shǒu zūn shǒu le le "" " 四大sì dà sì dà "" " 策略cè lüè cè lüè [[ [ 11 1 ]] ]
内政部nèi zhèng bù nèi zhèng bù 特别tè bié tè bié 允许yǔn xǔ yǔn xǔ 超过chāo guò chāo guò 11 1 ,, , 400400 400 míng míng 用户yòng hù yòng hù 绕过rào guò rào guò 应用程序yìng yòng chéng xù yìng yòng chéng xù 白名单bái míng dān bái míng dān 控制kòng zhì kòng zhì 并且bìng qiě bìng qiě 大量dà liàng dà liàng 服务器fú wù qì fú wù qì 存在cún zài cún zài 严重yán zhòng yán zhòng de de 安全补丁ān quán bǔ dīng ān quán bǔ dīng 管理guǎn lǐ guǎn lǐ 失败shī bài shī bài [[ [ 11 1 ]] ] [[ [ 22 2 ]] ]
20202020 2020 -- - 2121 21 年度nián dù nián dù ANAOANAO ANAO 网络安全wǎng luò ān quán wǎng luò ān quán 策略cè lüè cè lüè 审计shěn jì shěn jì 审查shěn chá shěn chá le le 七个qī gè qī gè fēi fēi 公司gōng sī gōng sī 联邦lián bāng lián bāng 实体shí tǐ shí tǐ 发现fā xiàn fā xiàn ** * ** * 七个qī gè qī gè zhōng zhōng 零个líng gè líng gè 0%0% 0% 完全wán quán wán quán 遵守zūn shǒu zūn shǒu ** * ** * 所有suǒ yǒu suǒ yǒu "" " 四大sì dà sì dà "" " 要求yāo qiú yāo qiú [[ [ 33 3 ]] ]
审查shěn chá shěn chá de de 机构jī gòu jī gòu 包括bāo kuò bāo kuò 总理zǒng lǐ zǒng lǐ 内阁nèi gé nèi gé zǒng zǒng 检察长jiǎn chá zhǎng jiǎn chá zhǎng 澳大利亚ào dà lì yà ào dà lì yà 贸易mào yì mào yì 投资tóu zī tóu zī 委员会wěi yuán huì wěi yuán huì 卫生部wèi shēng bù wèi shēng bù 澳大利亚ào dà lì yà ào dà lì yà 知识产权局zhī shí chǎn quán jú zhī shí chǎn quán jú 澳大利亚ào dà lì yà ào dà lì yà 国家档案馆guó jiā dàng àn guǎn guó jiā dàng àn guǎn 澳大利亚ào dà lì yà ào dà lì yà 地球科学dì qiú kē xué dì qiú kē xué [[ [ 33 3 ]] ]
值得注意zhí de zhù yì zhí de zhù yì de de shì shì 总理zǒng lǐ zǒng lǐ 内阁nèi gé nèi gé 自我zì wǒ zì wǒ 报告bào gào bào gào 完全wán quán wán quán 合规hé guī hé guī ér ér ANAOANAO ANAO 发现fā xiàn fā xiàn 实际上shí jì shàng shí jì shàng zhǐ zhǐ 实施shí shī shí shī le le 44 4 xiàng xiàng 策略cè lüè cè lüè zhōng zhōng de de 33 3 xiàng xiàng [[ [ 33 3 ]] ]
dào dào 20212021 2021 -- - 2222 22 年度nián dù nián dù zǒng zǒng 检察长jiǎn chá zhǎng jiǎn chá zhǎng de de PSPFPSPF PSPF 评估píng gū píng gū 报告bào gào bào gào 显示xiǎn shì xiǎn shì ** * ** * 76%76% 76% de de 政府zhèng fǔ zhèng fǔ 实体shí tǐ shí tǐ 报告bào gào bào gào wèi wèi 完全wán quán wán quán 实施shí shī shí shī 1010 10 hào hào 政策zhèng cè zhèng cè 要求yāo qiú yāo qiú ** * ** * 强制性qiáng zhì xìng qiáng zhì xìng 基线jī xiàn jī xiàn 网络安全wǎng luò ān quán wǎng luò ān quán 控制kòng zhì kòng zhì [[ [ 55 5 ]] ]

缺失背景

然而rán ér rán ér gāi gāi 声明shēng míng shēng míng omitomit omit le le 几个jǐ gè jǐ gè 影响yǐng xiǎng yǐng xiǎng 解释jiě shì jiě shì de de 重要zhòng yào zhòng yào 背景bèi jǐng bèi jǐng 因素yīn sù yīn sù
However, the claim omits several important contextual factors that significantly affect interpretation: **1.
 ** * ** * 11 1 .. . 系统性xì tǒng xìng xì tǒng xìng qiě qiě 持续chí xù chí xù 存在cún zài cún zài de de 问题wèn tí wèn tí ** * ** * zhè zhè 不是bú shì bú shì CoalitionCoalition Coalition 特有tè yǒu tè yǒu de de 失败shī bài shī bài 而是ér shì ér shì 一个yí gè yí gè 政府zhèng fǔ zhèng fǔ 范围fàn wéi fàn wéi 系统性xì tǒng xìng xì tǒng xìng de de 问题wèn tí wèn tí zài zài LaborLabor Labor 政府zhèng fǔ zhèng fǔ xià xià 持续chí xù chí xù 存在cún zài cún zài
Systemic and Ongoing Problem:** This was not a Coalition-specific failure but rather a government-wide, systemic problem that continued under the Labor government.
 LaborLabor Labor 自己zì jǐ zì jǐ de de 网络安全wǎng luò ān quán wǎng luò ān quán 事件shì jiàn shì jiàn zhàn zhàn 20222022 2022 -- - 2323 23 年度nián dù nián dù 所有suǒ yǒu suǒ yǒu ASDASD ASD 报告bào gào bào gào 事件shì jiàn shì jiàn de de 31%31% 31% 类似lèi sì lèi sì de de 合规hé guī hé guī 差距chā jù chā jù zài zài LaborLabor Labor administrationadministration administration 20222022 2022 -- - 20262026 2026 期间qī jiān qī jiān 持续chí xù chí xù 存在cún zài cún zài [[ [ 55 5 ]] ]
Labor's own cyber security incidents represented 31% of all ASD-reported incidents in 2022-23, and similar compliance gaps persisted under Labor administration (2022-2026) [5].
 cóng cóng 20222022 2022 nián nián 77 7 yuè yuè 1010 10 hào hào 政策zhèng cè zhèng cè 扩展kuò zhǎn kuò zhǎn wèi wèi "" " 基本jī běn jī běn 八项bā xiàng bā xiàng "" " 框架kuāng jià kuāng jià dàn dàn 合规hé guī hé guī 问题wèn tí wèn tí réng réng zài zài 继续jì xù jì xù [[ [ 44 4 ]] ]
From July 2022, Policy 10 was expanded to the Essential Eight framework, but compliance issues continued [4]. **2.
 ** * ** * 22 2 .. . 合规hé guī hé guī 为何wèi hé wèi hé 困难kùn nán kùn nán ** * ** * ANAOANAO ANAO 审计shěn jì shěn jì 显示xiǎn shì xiǎn shì 合规hé guī hé guī shì shì yóu yóu 政府zhèng fǔ zhèng fǔ 普遍pǔ biàn pǔ biàn 面临miàn lín miàn lín de de 技术jì shù jì shù 组织zǔ zhī zǔ zhī 挑战tiǎo zhàn tiǎo zhàn 驱动qū dòng qū dòng de de 无法wú fǎ wú fǎ 支持zhī chí zhī chí 白名单bái míng dān bái míng dān de de 遗留yí liú yí liú 系统xì tǒng xì tǒng ITIT IT 部门bù mén bù mén de de 资源zī yuán zī yuán 限制xiàn zhì xiàn zhì 以及yǐ jí yǐ jí 相互竞争xiāng hù jìng zhēng xiāng hù jìng zhēng de de 安全ān quán ān quán 优先yōu xiān yōu xiān 事项shì xiàng shì xiàng [[ [ 33 3 ]] ]
Why Compliance Was Difficult:** The ANAO audits revealed that non-compliance was driven by technical and organizational challenges common across government: legacy systems that couldn't support whitelisting, resource constraints in IT departments, and competing security priorities [3].
 这些zhè xiē zhè xiē 挑战tiǎo zhàn tiǎo zhàn 影响yǐng xiǎng yǐng xiǎng le le 所有suǒ yǒu suǒ yǒu 政府zhèng fǔ zhèng fǔ ér ér 不仅仅bù jǐn jǐn bù jǐn jǐn shì shì CoalitionCoalition Coalition
These challenges affected all governments, not uniquely the Coalition. **3.
 ** * ** * 33 3 .. . 审计shěn jì shěn jì 方法fāng fǎ fāng fǎ ** * ** * 审计shěn jì shěn jì shì shì 基于jī yú jī yú 绩效jì xiào jì xiào de de 评估píng gū píng gū 检查jiǎn chá jiǎn chá 实际shí jì shí jì 实施shí shī shí shī 情况qíng kuàng qíng kuàng ér ér 不仅仅bù jǐn jǐn bù jǐn jǐn shì shì 合规hé guī hé guī 报告bào gào bào gào
Audit Methodology:** The audits were performance-based assessments checking actual implementation, not just compliance reporting.
 zhè zhè 一点yì diǎn yì diǎn hěn hěn 重要zhòng yào zhòng yào 因为yīn wèi yīn wèi 有些yǒu xiē yǒu xiē 部门bù mén bù mén zài zài 没有méi yǒu méi yǒu 实际shí jì shí jì 实施shí shī shí shī de de 情况qíng kuàng qíng kuàng xià xià 自我zì wǒ zì wǒ 报告bào gào bào gào 合规hé guī hé guī 表明biǎo míng biǎo míng 报告bào gào bào gào 问题wèn tí wèn tí 技术jì shù jì shù 失败shī bài shī bài 同样tóng yàng tóng yàng 严重yán zhòng yán zhòng [[ [ 33 3 ]] ]
This is important because some departments self-reported compliance without actual implementation, suggesting reporting issues as much as technical failures [3]. **4.
 ** * ** * 44 4 .. . zài zài LaborLabor Labor 政府zhèng fǔ zhèng fǔ xià xià 持续chí xù chí xù 存在cún zài cún zài ** * ** * gāi gāi 声明shēng míng shēng míng de de 框架kuāng jià kuāng jià 暗示àn shì àn shì 这是zhè shì zhè shì CoalitionCoalition Coalition 时代shí dài shí dài de de 问题wèn tí wèn tí bìng bìng yóu yóu LaborLabor Labor 解决jiě jué jiě jué dàn dàn 证据zhèng jù zhèng jù 表明biǎo míng biǎo míng 相同xiāng tóng xiāng tóng de de 合规hé guī hé guī 挑战tiǎo zhàn tiǎo zhàn zài zài LaborLabor Labor 政府zhèng fǔ zhèng fǔ xià xià 持续chí xù chí xù 存在cún zài cún zài 甚至shèn zhì shèn zhì 扩大kuò dà kuò dà gāi gāi 声明shēng míng shēng míng 暗示àn shì àn shì LaborLabor Labor 解决jiě jué jiě jué le le 这个zhè ge zhè ge 问题wèn tí wèn tí xiāng xiāng 矛盾máo dùn máo dùn [[ [ 55 5 ]] ]
Continuation Under Labor:** The claim's framing suggests this was a Coalition-era problem resolved by Labor, but evidence indicates the same compliance challenges persisted and even expanded under Labor government, contradicting the implicit suggestion that Labor resolved the issue [5].

来源可信度评估

提供tí gōng tí gōng de de 原始yuán shǐ yuán shǐ 来源lái yuán lái yuán ComputerworldComputerworld Computerworld AustraliaAustralia Australia shì shì 澳大利亚ào dà lì yà ào dà lì yà 合法hé fǎ hé fǎ de de 技术jì shù jì shù 新闻xīn wén xīn wén 出版物chū bǎn wù chū bǎn wù duì duì 澳大利亚政府ào dà lì yà zhèng fǔ ào dà lì yà zhèng fǔ ITIT IT 网络安全wǎng luò ān quán wǎng luò ān quán 问题wèn tí wèn tí yǒu yǒu 可信kě xìn kě xìn de de 报道bào dào bào dào [[ [ 66 6 ]] ]
The original source provided (Computerworld Australia) is a legitimate Australian technology news publication with credible reporting on Australian government IT and cyber security issues [6].
 然而rán ér rán ér 这是zhè shì zhè shì 一家yī jiā yī jiā 科技kē jì kē jì 行业háng yè háng yè 出版物chū bǎn wù chū bǎn wù 可能kě néng kě néng duì duì 政府zhèng fǔ zhèng fǔ ITIT IT 失败shī bài shī bài yǒu yǒu 特定tè dìng tè dìng de de 视角shì jiǎo shì jiǎo
However, it is a tech industry publication that may have particular perspective on government IT failures.
 ComputerworldComputerworld Computerworld 文章wén zhāng wén zhāng 特别tè bié tè bié addressingaddressing addressing le le 移民部yí mín bù yí mín bù 未能wèi néng wèi néng 提供tí gōng tí gōng 合规hé guī hé guī 日期rì qī rì qī de de 问题wèn tí wèn tí zhè zhè 一点yì diǎn yì diǎn 得到dé dào dé dào le le ANAOANAO ANAO 审计shěn jì shěn jì 结果jié guǒ jié guǒ de de 确认què rèn què rèn
The Computerworld article specifically addressed the Immigration Department's failure to provide a compliance date, which was confirmed by ANAO audit findings.
 gāi gāi 声明shēng míng shēng míng zuì zuì 权威quán wēi quán wēi de de 来源lái yuán lái yuán shì shì ANAOANAO ANAO 绩效jì xiào jì xiào 审计shěn jì shěn jì 本身běn shēn běn shēn [[ [ 11 1 ]] ] [[ [ 22 2 ]] ] [[ [ 33 3 ]] ] 这是zhè shì zhè shì 独立dú lì dú lì 严格yán gé yán gé de de 政府zhèng fǔ zhèng fǔ 问责wèn zé wèn zé 机制jī zhì jī zhì 具有jù yǒu jù yǒu 审计shěn jì shěn jì 联邦lián bāng lián bāng 机构jī gòu jī gòu de de 法定fǎ dìng fǎ dìng 权力quán lì quán lì
The most authoritative sources for this claim are the ANAO performance audits themselves [1][2][3], which are independent, rigorous government accountability mechanisms with statutory authority to audit Commonwealth agencies.
 ANAOANAO ANAO 报告bào gào bào gào bèi bèi 认为rèn wéi rèn wéi shì shì 验证yàn zhèng yàn zhèng 政府zhèng fǔ zhèng fǔ 绩效jì xiào jì xiào 声明shēng míng shēng míng de de 黄金huáng jīn huáng jīn 标准biāo zhǔn biāo zhǔn
ANAO reports are considered the gold standard for factual verification of government performance claims.
⚖️

工党对比

** * ** * LaborLabor Labor 是否shì fǒu shì fǒu 做过zuò guò zuò guò 类似lèi sì lèi sì de de 事情shì qíng shì qíng
**Did Labor do something similar?
 shì shì 大量dà liàng dà liàng 存在cún zài cún zài
Yes—extensively.** Searches conducted: "Labor government cyber security Top 4 compliance", "Australian government cyber security audit failures 2022-2024" **Finding:** Labor government experienced similar and arguably worse cyber security failures.
 ** * ** *
When Labor assumed government in May 2022, the same Top 4 compliance issues persisted across departments [5].
 进行jìn xíng jìn xíng de de 搜索sōu suǒ sōu suǒ "" " LaborLabor Labor governmentgovernment government cybercyber cyber securitysecurity security TopTop Top 44 4 compliancecompliance compliance "" " ,, , "" " AustralianAustralian Australian governmentgovernment government cybercyber cyber securitysecurity security auditaudit audit failuresfailures failures 20222022 2022 -- - 20242024 2024 "" "
Moreover: - **2022-23 Cyber Incident Report:** Labor government entities accounted for 31% of all Australian Signals Directorate (ASD)-reported incidents in 2022-23, suggesting ongoing cyber vulnerability [5] - **Policy 10 Expansion:** Rather than immediately fixing Top 4 implementation, Labor expanded the framework to Essential Eight in July 2022, suggesting resources were directed to expansion rather than fixing existing gaps [4] - **Continued Non-Compliance:** No published evidence of rapid improvement in Top 4 compliance rates during Labor's tenure.
 ** * ** * 发现fā xiàn fā xiàn ** * ** * LaborLabor Labor 政府zhèng fǔ zhèng fǔ 经历jīng lì jīng lì le le 类似lèi sì lèi sì 甚至shèn zhì shèn zhì 可以kě yǐ kě yǐ shuō shuō shì shì gèng gèng 严重yán zhòng yán zhòng de de 网络安全wǎng luò ān quán wǎng luò ān quán 失败shī bài shī bài
The systemic nature of the problem (76% non-compliance) suggests it was not uniquely a Coalition management failure but a structural government IT challenge [5] **Comparison:** Both Coalition and Labor governments struggled with the same cyber security implementation challenges.
 dāng dāng LaborLabor Labor 20222022 2022 nián nián 55 5 yuè yuè 执政zhí zhèng zhí zhèng shí shí 相同xiāng tóng xiāng tóng de de "" " 四大sì dà sì dà "" " 合规hé guī hé guī 问题wèn tí wèn tí zài zài 部门bù mén bù mén 持续chí xù chí xù 存在cún zài cún zài [[ [ 55 5 ]] ]
The issue appears to be structural/systemic rather than political—driven by aging IT infrastructure, resource constraints, and competing priorities across all Commonwealth agencies regardless of government.
 此外cǐ wài cǐ wài
-- - ** * ** * 20222022 2022 -- - 2323 23 年度nián dù nián dù 网络wǎng luò wǎng luò 事件报告shì jiàn bào gào shì jiàn bào gào ** * ** * LaborLabor Labor 政府zhèng fǔ zhèng fǔ 实体shí tǐ shí tǐ zhàn zhàn 20222022 2022 -- - 2323 23 年度nián dù nián dù 所有suǒ yǒu suǒ yǒu 澳大利亚ào dà lì yà ào dà lì yà 信号xìn hào xìn hào ASDASD ASD 报告bào gào bào gào 事件shì jiàn shì jiàn de de 31%31% 31% 表明biǎo míng biǎo míng 持续chí xù chí xù de de 网络wǎng luò wǎng luò 脆弱性cuì ruò xìng cuì ruò xìng [[ [ 55 5 ]] ]
-- - ** * ** * 1010 10 hào hào 政策zhèng cè zhèng cè 扩展kuò zhǎn kuò zhǎn ** * ** * LaborLabor Labor 没有méi yǒu méi yǒu 立即lì jí lì jí 修复xiū fù xiū fù "" " 四大sì dà sì dà "" " 实施shí shī shí shī 而是ér shì ér shì zài zài 20222022 2022 nián nián 77 7 yuè yuè jiāng jiāng 框架kuāng jià kuāng jià 扩展kuò zhǎn kuò zhǎn wèi wèi "" " 基本jī běn jī běn 八项bā xiàng bā xiàng "" " 表明biǎo míng biǎo míng 资源zī yuán zī yuán bèi bèi 导向dǎo xiàng dǎo xiàng 扩展kuò zhǎn kuò zhǎn ér ér 不是bú shì bú shì 修复xiū fù xiū fù 现有xiàn yǒu xiàn yǒu 差距chā jù chā jù [[ [ 44 4 ]] ]
-- - ** * ** * 持续chí xù chí xù 合规hé guī hé guī ** * ** * 没有méi yǒu méi yǒu 公开gōng kāi gōng kāi 发表fā biǎo fā biǎo de de 证据zhèng jù zhèng jù 表明biǎo míng biǎo míng zài zài LaborLabor Labor 任期rèn qī rèn qī nèi nèi "" " 四大sì dà sì dà "" " 合规hé guī hé guī 迅速xùn sù xùn sù 改善gǎi shàn gǎi shàn
问题wèn tí wèn tí de de 系统性xì tǒng xìng xì tǒng xìng 76%76% 76% 合规hé guī hé guī 表明biǎo míng biǎo míng zhè zhè 不是bú shì bú shì 独特dú tè dú tè de de CoalitionCoalition Coalition 管理guǎn lǐ guǎn lǐ 失败shī bài shī bài 而是ér shì ér shì 结构性jié gòu xìng jié gòu xìng 政府zhèng fǔ zhèng fǔ ITIT IT 挑战tiǎo zhàn tiǎo zhàn [[ [ 55 5 ]] ]
** * ** * 比较bǐ jiào bǐ jiào ** * ** * CoalitionCoalition Coalition LaborLabor Labor 政府zhèng fǔ zhèng fǔ dōu dōu zài zài 相同xiāng tóng xiāng tóng de de 网络安全wǎng luò ān quán wǎng luò ān quán 实施shí shī shí shī 挑战tiǎo zhàn tiǎo zhàn zhōng zhōng 挣扎zhēng zhá zhēng zhá
这个zhè ge zhè ge 问题wèn tí wèn tí 似乎sì hū sì hū shì shì 结构性jié gòu xìng jié gòu xìng // / 系统性xì tǒng xìng xì tǒng xìng de de ér ér 不是bú shì bú shì 政治性zhèng zhì xìng zhèng zhì xìng de de yóu yóu 老化lǎo huà lǎo huà de de ITIT IT 基础设施jī chǔ shè shī jī chǔ shè shī 资源zī yuán zī yuán 限制xiàn zhì xiàn zhì 所有suǒ yǒu suǒ yǒu 联邦lián bāng lián bāng 机构jī gòu jī gòu 相互竞争xiāng hù jìng zhēng xiāng hù jìng zhēng de de 优先yōu xiān yōu xiān 事项shì xiàng shì xiàng 驱动qū dòng qū dòng 无论wú lùn wú lùn 哪个nǎ ge nǎ ge 政府zhèng fǔ zhèng fǔ 执政zhí zhèng zhí zhèng
🌐

平衡视角

虽然suī rán suī rán gāi gāi 声明shēng míng shēng míng zài zài 事实上shì shí shàng shì shí shàng 准确zhǔn què zhǔn què CoalitionCoalition Coalition zài zài 多个duō gè duō gè 部门bù mén bù mén 未能wèi néng wèi néng 遵守zūn shǒu zūn shǒu 强制性qiáng zhì xìng qiáng zhì xìng "" " 四大sì dà sì dà "" " 网络安全wǎng luò ān quán wǎng luò ān quán 策略cè lüè cè lüè dàn dàn 完整wán zhěng wán zhěng de de 理解lǐ jiě lǐ jiě 需要xū yào xū yào 承认chéng rèn chéng rèn 证据zhèng jù zhèng jù 背景bèi jǐng bèi jǐng
While the claim is factually accurate that the Coalition failed to comply with Top 4 cyber security strategies in multiple departments, a complete understanding requires acknowledging both the evidence and context: **The Coalition's Failures (Legitimate Criticism):** - Multiple ANAO audits documented objective non-compliance across departments [1][2][3] - Some failures were substantial: 1,400+ users bypassing whitelisting in Immigration, major patching failures across ATO [1][2] - PM&C specifically misrepresented its compliance status to auditors, raising accountability questions [3] - By 2021-22, 76% of government entities remained non-compliant, suggesting slow remediation [5] **Important Context (Why This Is Complex):** - This was not a Coalition-specific policy failure; Labor inherited the same non-compliance and made limited progress despite having the opportunity to prioritize it [5] - The technical barriers to implementation (legacy systems, whitelisting on older platforms) affected all governments [3] - The scale of the problem (76% non-compliance) indicates systemic infrastructure challenges rather than policy neglect—this would require major IT modernization investment - ANAO itself noted that full compliance required significant capital investment in system modernization and ongoing operational resources [3] - When Labor assumed government, it chose to expand the framework (Essential Eight) rather than focus on fixing existing gaps, suggesting similar resource constraints [4] **Key Context:** This is a real government cyber security failure that spanned the entire Coalition era (2013-2022), but it was not unique to the Coalition.
 ** * ** * CoalitionCoalition Coalition de de 失败shī bài shī bài 合理hé lǐ hé lǐ 批评pī píng pī píng ** * ** *
The systemic nature (affecting 76% of agencies) and continuation under Labor suggest this reflects long-standing Australian government IT infrastructure challenges that transcend individual political administrations.
 -- - 多次duō cì duō cì ANAOANAO ANAO 审计shěn jì shěn jì 记录jì lù jì lù le le 部门bù mén bù mén de de 客观kè guān kè guān 合规hé guī hé guī 情况qíng kuàng qíng kuàng [[ [ 11 1 ]] ] [[ [ 22 2 ]] ] [[ [ 33 3 ]] ]
Criticism of the Coalition's failure is fair, but presenting this as uniquely a Coalition problem would be misleading given the evidence of continuation under Labor.
 -- - 有些yǒu xiē yǒu xiē 失败shī bài shī bài shì shì 严重yán zhòng yán zhòng de de 移民部yí mín bù yí mín bù 超过chāo guò chāo guò 11 1 ,, , 400400 400 míng míng 用户yòng hù yòng hù 绕过rào guò rào guò 白名单bái míng dān bái míng dān 税务局shuì wù jú shuì wù jú 存在cún zài cún zài 重大zhòng dà zhòng dà 补丁bǔ dīng bǔ dīng 管理guǎn lǐ guǎn lǐ 失败shī bài shī bài [[ [ 11 1 ]] ] [[ [ 22 2 ]] ]
-- - 总理zǒng lǐ zǒng lǐ 内阁nèi gé nèi gé 特别tè bié tè bié xiàng xiàng 审计员shěn jì yuán shěn jì yuán misrepresentedmisrepresented misrepresented 合规hé guī hé guī 状态zhuàng tài zhuàng tài 引发yǐn fā yǐn fā 问责wèn zé wèn zé 问题wèn tí wèn tí [[ [ 33 3 ]] ]
-- - dào dào 20212021 2021 -- - 2222 22 年度nián dù nián dù 76%76% 76% de de 政府zhèng fǔ zhèng fǔ 实体shí tǐ shí tǐ 仍然réng rán réng rán 合规hé guī hé guī 表明biǎo míng biǎo míng 整改zhěng gǎi zhěng gǎi 缓慢huǎn màn huǎn màn [[ [ 55 5 ]] ]
** * ** * 重要zhòng yào zhòng yào 背景bèi jǐng bèi jǐng 为什么wèi shén me wèi shén me zhè zhè hěn hěn 复杂fù zá fù zá ** * ** *
-- - zhè zhè 不是bú shì bú shì CoalitionCoalition Coalition 特有tè yǒu tè yǒu de de 政策zhèng cè zhèng cè 失败shī bài shī bài LaborLabor Labor 继承jì chéng jì chéng le le 相同xiāng tóng xiāng tóng de de 合规hé guī hé guī 情况qíng kuàng qíng kuàng 尽管jǐn guǎn jǐn guǎn yǒu yǒu 机会jī huì jī huì 优先yōu xiān yōu xiān 考虑kǎo lǜ kǎo lǜ dàn dàn 进展jìn zhǎn jìn zhǎn 有限yǒu xiàn yǒu xiàn [[ [ 55 5 ]] ]
-- - 实施shí shī shí shī de de 技术jì shù jì shù 障碍zhàng ài zhàng ài 遗留yí liú yí liú 系统xì tǒng xì tǒng jiù jiù 平台píng tái píng tái shàng shàng de de 白名单bái míng dān bái míng dān 影响yǐng xiǎng yǐng xiǎng le le 所有suǒ yǒu suǒ yǒu 政府zhèng fǔ zhèng fǔ [[ [ 33 3 ]] ]
-- - 问题wèn tí wèn tí de de 规模guī mó guī mó 76%76% 76% 合规hé guī hé guī 表明biǎo míng biǎo míng shì shì 系统性xì tǒng xìng xì tǒng xìng 基础设施jī chǔ shè shī jī chǔ shè shī 挑战tiǎo zhàn tiǎo zhàn ér ér 不是bú shì bú shì 政策zhèng cè zhèng cè 忽视hū shì hū shì zhè zhè 需要xū yào xū yào 大量dà liàng dà liàng de de ITIT IT 现代化xiàn dài huà xiàn dài huà 投资tóu zī tóu zī
-- - ANAOANAO ANAO 本身běn shēn běn shēn 指出zhǐ chū zhǐ chū 完全wán quán wán quán 合规hé guī hé guī 需要xū yào xū yào zài zài 系统xì tǒng xì tǒng 现代化xiàn dài huà xiàn dài huà 持续chí xù chí xù 运营yùn yíng yùn yíng 资源zī yuán zī yuán 方面fāng miàn fāng miàn 进行jìn xíng jìn xíng 大量dà liàng dà liàng 资本zī běn zī běn 投资tóu zī tóu zī [[ [ 33 3 ]] ]
-- - dāng dāng LaborLabor Labor 执政zhí zhèng zhí zhèng shí shí 选择xuǎn zé xuǎn zé 扩展kuò zhǎn kuò zhǎn 框架kuāng jià kuāng jià "" " 基本jī běn jī běn 八项bā xiàng bā xiàng "" " ér ér 不是bú shì bú shì 专注zhuān zhù zhuān zhù 修复xiū fù xiū fù 现有xiàn yǒu xiàn yǒu 差距chā jù chā jù 表明biǎo míng biǎo míng 类似lèi sì lèi sì de de 资源zī yuán zī yuán 限制xiàn zhì xiàn zhì [[ [ 44 4 ]] ]
** * ** * 关键guān jiàn guān jiàn 背景bèi jǐng bèi jǐng ** * ** * 这是zhè shì zhè shì 一个yí gè yí gè 真实zhēn shí zhēn shí de de 政府zhèng fǔ zhèng fǔ 网络安全wǎng luò ān quán wǎng luò ān quán 失败shī bài shī bài 贯穿guàn chuān guàn chuān 整个zhěng gè zhěng gè CoalitionCoalition Coalition 时代shí dài shí dài 20132013 2013 -- - 20222022 2022 dàn dàn 不是bú shì bú shì CoalitionCoalition Coalition 独有dú yǒu dú yǒu de de
问题wèn tí wèn tí de de 系统性xì tǒng xìng xì tǒng xìng 影响yǐng xiǎng yǐng xiǎng 76%76% 76% de de 机构jī gòu jī gòu 以及yǐ jí yǐ jí zài zài LaborLabor Labor 政府zhèng fǔ zhèng fǔ xià xià de de 持续chí xù chí xù 存在cún zài cún zài 表明biǎo míng biǎo míng zhè zhè 反映fǎn yìng fǎn yìng le le 超越chāo yuè chāo yuè 个别gè bié gè bié 政治zhèng zhì zhèng zhì 政府zhèng fǔ zhèng fǔ de de 长期cháng qī cháng qī 澳大利亚政府ào dà lì yà zhèng fǔ ào dà lì yà zhèng fǔ ITIT IT 基础设施jī chǔ shè shī jī chǔ shè shī 挑战tiǎo zhàn tiǎo zhàn
duì duì CoalitionCoalition Coalition 失败shī bài shī bài de de 批评pī píng pī píng shì shì 公平gōng píng gōng píng de de dàn dàn jiāng jiāng 呈现chéng xiàn chéng xiàn wèi wèi CoalitionCoalition Coalition 独有dú yǒu dú yǒu de de 问题wèn tí wèn tí jiāng jiāng shì shì 误导性wù dǎo xìng wù dǎo xìng de de 因为yīn wèi yīn wèi yǒu yǒu 证据zhèng jù zhèng jù 表明biǎo míng biǎo míng zài zài LaborLabor Labor 政府zhèng fǔ zhèng fǔ xià xià réng réng zài zài 持续chí xù chí xù

属实

6.5

/ 10

CoalitionCoalition Coalition 政府zhèng fǔ zhèng fǔ 确实què shí què shí zài zài 多个duō gè duō gè 部门bù mén bù mén 未能wèi néng wèi néng 遵守zūn shǒu zūn shǒu 强制性qiáng zhì xìng qiáng zhì xìng "" " 四大sì dà sì dà "" " 网络安全wǎng luò ān quán wǎng luò ān quán 策略cè lüè cè lüè 正如zhèng rú zhèng rú 严格yán gé yán gé de de 独立dú lì dú lì ANAOANAO ANAO 审计shěn jì shěn jì suǒ suǒ 记录jì lù jì lù de de 那样nà yàng nà yàng [[ [ 11 1 ]] ] [[ [ 22 2 ]] ] [[ [ 33 3 ]] ]
The Coalition government did fail to comply with mandatory Top 4 cyber security strategies across multiple departments, as documented by rigorous independent ANAO audits [1][2][3].
 然而rán ér rán ér zhè zhè 不是bú shì bú shì CoalitionCoalition Coalition 独有dú yǒu dú yǒu de de 问题wèn tí wèn tí 类似lèi sì lèi sì de de 合规hé guī hé guī 问题wèn tí wèn tí zài zài LaborLabor Labor 政府zhèng fǔ zhèng fǔ 20222022 2022 -- - 20262026 2026 xià xià 存在cún zài cún zài 并且bìng qiě bìng qiě 似乎sì hū sì hū shì shì 澳大利亚政府ào dà lì yà zhèng fǔ ào dà lì yà zhèng fǔ ITIT IT 基础设施jī chǔ shè shī jī chǔ shè shī 挑战tiǎo zhàn tiǎo zhàn de de 系统性xì tǒng xìng xì tǒng xìng 问题wèn tí wèn tí [[ [ 55 5 ]] ]
However, this was not a Coalition-unique problem—similar compliance issues existed under Labor government (2022-2026) and appear to be systemic to Australian government IT infrastructure challenges [5].

📚 来源与引用 (6)

  1. 1
    anao.gov.au

    anao.gov.au

    Anao Gov

  2. 2
    anao.gov.au

    anao.gov.au

    Anao Gov

  3. 3
    anao.gov.au

    anao.gov.au

    Anao Gov

  4. 4
    cyber.gov.au

    cyber.gov.au

    Cyber Gov

  5. 5
    PDF

    PSPF 2021 22 Assessment Report

    Ag Gov • PDF Document
  6. 6
    computerworld.com.au

    computerworld.com.au

    Computerworld covers a range of technology topics, with a focus on these core areas of IT: generative AI, Windows, mobile, Apple/enterprise, office suites, productivity software, and collaboration software, as well as relevant information about companies such as Microsoft, Apple, and Google.

    Computerworld

评分方法

1-3: 不实

事实错误或恶意捏造。

4-6: 部分属实

有一定真实性,但缺乏背景或有所偏颇。

7-9: 基本属实

仅有微小的技术性或措辞问题。

10: 准确

完全经过验证且客观公正。

方法论: 评分通过交叉参照政府官方记录、独立事实核查机构和原始文件确定。

Previous: C0354 Next: C0356