Security Insights
Overview of Incident Insights Reports
The Incident Insights Report provides an overview and analysis of incident notifications received by OVIC under the information security incident notification scheme. Organisations are encouraged to use the insights within these reports to inform their own information security risk assessments. OVIC will publish these reports on an ongoing basis.
OVIC publishes these reports to enable Victorian public sector (VPS) organisations to use these insights to inform their own information security risk assessments.
These reports cover key areas captured in incident notifications, including:
- information affected and format;
- Business Impact Level (BIL) and corresponding BIL categories; and
- security attributes and areas.
Reports also include the amount of notifications received and the portfolio in which agencies reside, and incidents submitted via OVIC’s voluntary privacy data breach reporting mechanism and the Department of Premier and Cabinet’s Cyber Incident Response Service (CIRS).
These reports provide statistics on the total number of notifications received under the scheme regardless of whether they:
- meet the BIL 2 or above threshold; or
- relate to in scope agencies under Part 4 of the Privacy and Data Protection Act 2014 (Vic).
These reports will provide VPS organisations with greater insights into the whole of Victorian Government threat landscape
Incident Insights Reports
Report for 1 July to 31 December 2022
Report for 1 January to 30 June 2022
Report for 1 July 2021 to 31 December 2021
Report for 1 January 2021 to 30 June 2021
Report for 1 July 2020 to 31 December 2020
Report for 29 October 2019 to 30 June 2020