Home›Questions on Notice›QoN 3804

❓ The WA parliamentary question seeks information on penetration testing conducted on government departments and agencies within several ministerial portfolios since March 2017. The answer reveals that penetration testing, including social engineering and phishing tests, was conducted by external consultants on network systems and websites.

AnsweredQoN 3804Legislative Assembly

Asked

14 August 2018

Member

Mr Z.R.F. Kirkup

Portfolio

Child Protection; Women's Interests; Prevention of Family and Domestic Violence; Community Services

QuestionView source ↗

For all departments, agencies, government trading enterprises or boards within the Minister’s portfolio responsibilities, I ask since 11 March 2017: (a) Have any independent consultants or companies been engaged to run penetration or 'White Hat' tests on any internal or external network systems: (i) If so, what consultant or company was engaged and on what date; (ii) If so, did it include any social engineering or phishing tests; and (iii) If not, why not; and (b) Have any independent consultants or companies been engaged to run penetration or 'White Hat' tests on any websites: (i) If so, what consultant or company was engaged and on what date; and (ii) If so, what website (domain only) was tested?

AnswerView source ↗

Answered

18 September 2018

Responded by

Minister for Child Protection; Women's Interests; Prevention of Family and Domestic Violence; Community Services

Response time

9 days

This answer covers multiple Ministers’ portfolios, including Disability Services, Seniors and Ageing, Volunteering, Housing, Veterans Issues, Youth, as well as my Child Protection, Women’s Interests, Prevention of Family and Domestic Violence and Community Services portfolios.
a) Yes. i) OPTUS/Hivint Cybersecurity Consultancy in December 2017 and ES2 Security Solutions in April 2018. ii) Yes. iii) Not applicable. b)Yes. i) CQR Consulting Pty Ltd in December 2017. ii) CPFS.WA.GOV.AU.

View on Parliament of WA