Australia's federal government systems are vulnerable to cyber threats with progress lagging on key security areas.
There's also been a sharp rise in the number of cyber threats reported by commonwealth bodies, jumping to more than 50 per cent from a little over 10 per cent over a year.
The Commonwealth Cyber Security Posture report assessed government entities' progress in meeting eight essential mitigation strategies.
The Australian Cyber Security Centre found while some positive and proactive steps were being taken, more needed to be done to meet the "essential eight".
"As a result, these entities are vulnerable to current cyber threats targeting the Australian government," the report, tabled in parliament, said.
It found commonwealth bodies have inadequate visibility of their information systems and data.
Among the other drawbacks were obsolete and unsupported operating systems and applications, along with outdated security and ineffective risk management practices.
Implementation of the top four strategies to mitigate cyber security incidents is incomplete, with 73 per cent of commonwealth entities reporting ad hoc progress and 67 per cent admitting more needed to be done.
In 2019, the majority of respondents reported experiencing hundreds of cyber security events or incidents every day, up from a little more than 10 per cent in 2018.
Australian Associated Press