Australian Digital Forensics Conference

Document Type

Conference Proceeding


School of Computer and Information Science, Edith Cowan University, Perth, Western Australia


This paper reports on generic issues discovered as a result of conducting computer and network vulnerability assessments (CNVA) on Australian critical infrastructure providers. Generic issues discovered included policy, governance, IT specific such as segregation, patching and updating. Physical security was also lacking in some cases. Another issue was that previous security audits had failed to identify any of these issues. Of major concern is that despite education and awareness programs, and a body of knowledge referring to these issues, they are still occurring. It may be necessary for the federal government to force organisations to undergo computer and network vulnerability assessment from recognised experts on a regular basis.


6th Australian Digital Forensics Conference, Edith Cowan University, Perth Western Australia, December 3rd 2008.