Deloittes appointed to review Ministry of Social Development’s network security
16 October 2012.
The Ministry of Social Development has appointed Deloittes to review its computer network security, the Ministry’s Chief Executive, Brendan Boyle, said today.
“The review will happen in two phases. The first will deal with the immediate issue regarding the security of our public kiosks. Deloittes will look at what happened, how secure information was able to be accessed, and will determine why it happened and what steps we need to take to ensure it can’t happen again.
“The second phase will involve a broader look at security across all the Ministry’s IT systems, including policies, governance and culture. This second phase will take longer and more work needs to be done on the scope of this part of the review.
“We received a report from Dimension Data in April 2011, which identified flaws in our system. We will be asking Deloittes to determine what we did to follow up this report’s recommendations and whether our response was adequate. Since yesterday afternoon I have received further information that means I am not confident that we took the right actions in response to Dimension Data’s recommendations on security. I will look to the review to provide me with the answers.
“I can confirm that KPMG was not engaged to penetration test our public kiosks. They have, however, been engaged in doing testing on other parts of our system.
“Our immediate aim is to resolve any security problems and restore public confidence in our systems,” Mr Boyle said.