City of Stirling Digital Strategy

As digital services expand across our City, so too does the need for robust, adaptive cybersecurity. Our City is entering a new phase of maturity – moving beyond foundational protections toward more proactive, intelligence driven approaches. This focus area reflects our commitment to safeguarding community data, ensuring service continuity and building trust in our digital infrastructure. Guiding principles: 1. Cybersecurity as a shared responsibility We are fostering cyber awareness across staff, leadership and community stakeholders, recognising that cybersecurity is a whole-of organisation priority 2. Secure by design Outcomes • CS1. High-level security compliance By implementing robust cybersecurity frameworks and ensuring continuous monitoring to meet industry standards and regulatory requirements for IT, OT and IoT, safeguarding sensitive data and maintaining compliance with privacy laws • CS2. Rapid incident response protocols By developing and testing efficient incident response plans for IT, OT and IoT to ensure a swift and coordinated reaction to potential cyber threats, minimising the impact of security breaches and restoring operations as quickly as possible Integrate security into the lifecycle, ensuring that applications, systems and tools are built with security in mind from the outset

“It takes a City” is crucial to our strategy, emphasising cybersecurity and privacy as shared responsibilities. This approach is preparing Team Stirling for new threats and keeps systems resilient. By further integrating security into our culture, we will not only protect systems and data but also mitigate human risks through comprehensive training programs, empowering our personnel to actively contribute to the City’s security.

3. Governance and compliance Our approach aligns with the Australian and Western Australian cybersecurity strategies, ensuring we meet expectations while tailoring solutions to our local needs 4. Future-focused investments We are investing in scalable, cloud-based security platforms and exploring partnerships for threat intelligence sharing, ensuring our defences evolve alongside emerging threats. • CS3. Sensible risk-based approach By adopting a sensible, risk-based approach to cybersecurity, prioritising resources and mitigation efforts based on the potential impact and likelihood of threats. This includes aligning security measures with the City’s most critical assets and vulnerabilities while minimising disruptions to operations • CS4. Embedding cybersecurity into culture and values By ensuring our people and our community are well informed about cybersecurity threats and consistently follow best practices to protect sensitive information, embedding cybersecurity awareness into the City’s culture and values.

City of Stirling Digital Strategy 2025 - 2028 | 19