Skip to content

WA Cyber Security Unit (Office of Digital Government)

OpenSSF Scorecard

This site contains technical information to support WA Government Cyber Security activities. Please propose updates directly via the edit link on each page or email cybersecurity@dpc.wa.gov.au with any feedback. The site is built with Material for MkDocs (reference) which includes several extensions to markdown for enhanced technical writing.

RSS Feeds

If you would like to subscribe to updates for this site please use the RSS or ATOM feeds.

WA Security Operations Centre (WA SOC)

Baselines & Guidelines

Baselines are for use as self-assessment checklists, and guidelines are for general implementation guidance.

Critical Infrastructure Entities and Operational Technology

The CISA Cross-Sector Cybersecurity Performance Goals are clear targeted recommendations focusing on most common and impactful threats, including cost, complexity and impact ratings against each recommendation. These are highly relevant targets for entities in scope of SOCI regulatory obligations.

Guidelines

Additional documentation

The below documents are for general use.

Recent Advisories

2025 September

2025 August
2025 July

WA SOC - Recent Threat Activity (August 2025)

Based on recent high impact incidents seen by the WA SOC, security teams should be focusing on the below areas of improvement based on phishing and phishing resistant MFA:

WASOC Guidance targeted on recent escalation of state-based actor threat activity

Heightened Awareness:

Recent WA SOC advisories this month worth staying across include:

WASOC - General Advice

  • The WA SOC has observed an increase of phishing campaigns where threat actors are exploiting Microsoft SharePoint, leveraging compromised accounts from local businesses to target Western Australian government agencies. Ref: Mimecast, Proofpoint

Security Hardening remains a focus for all organisations. Please refer to the below guides to ensure all external and internal sign-ins are appropriately monitored.