Australia Updates Its Cybersecurity

Estonia already uses its embassies abroad to house servers to safeguard copies of government files

The world of cybersecurity is in constant motion, something administrators forget at their peril. Making decisions, reaching agreement about the measures necessary to safeguard installations and populations – in other spheres these can be done and then left to roll out. But in the world of cybersecurity there needs to be constant adaption, change and review.

Recently we conducted major interviews with cybersecurity experts from the US, Canada and Australia, and in Australia the situation is developing quickly.

As soon as the successful G20 Summit had finished in Australia in November, the continent announced that it is opening a new website for citizens to report cybercrime. At the same time, Prime Minister Tony Abbott officially opened the new Australian Cyber Security Centre in Canberra. While there he announced that Australia will conduct a national cybersecurity review. This all happened within one week.

The cybersecurity review is the first since 2008 since the scheduled one in 2012 was abandoned. The review will be conducted by a panel of experts and Department of the Prime Minister and Cabinet. (You can read our interview with Dr Ian Watt, the outgoing Secretary of Department of the Prime Minister and Cabinet, here.)

The six-month review will look at how both the public and private sectors can work together to enhance national security and the security of online systems. Mr Abbott said that the Australian Signals Directorate (an Intelligence Agency) in just the last year had responded to 940 cyber incidents involving government agencies. This is a 37% increase on the previous year.

KPMG Australia is one of several organisations which thinks the reviews are too far apart and, indeed, should be continually revised given the rapid changes in technology.

ACORN Starts To Grow

One of the purposes of the review is to ally citizens’ fears about the safety and treatment of their personal data. This was partly addressed by amendments to the Australian Privacy Act of March 2014 but the review should also focus people’s attention on their online habits such as storing information and images in public locations.

Citizens’ fears should be further allayed by the launch of ACORN – the Australian Cybercrime Online Reporting Network. This was launched at the end of November and will allow Australians to report cybercrimes ranging from hacking and system attacks to identity theft and illegal content websites.

ACORN has been designed and will be delivered in collaboration with a whole range of Australian security services including all the police agencies, CrimTrac and Australian Crime Commission. The thinking is that since hackers can communicate freely with each other to probe for weaknesses, ACORN will allow government agencies to more freely communicate with each other and access data for protection of both the government and its people.

The government has committed more than a million Australian dollars to the launch of the ACORN website and the services behind it, and will spend nearly a million Australian dollars publicising and promoting the site and service.

Launch Of The ACSC

In our interview with Professor Jill Slay,  GGF reported on her role as Director of the Australian Centre for Cyber Security (ACCS). That unit, based in Canberra, has now been joined by another cybersecurity unit, also based in Canberra. The Australian Cyber Security Centre (ACSC) was opened in November by Prime Minister Tony Abbott, whereas the ACCS was officially opened back in June.

The ACCS belongs to the University of New South Wales and is supported by the government and inside the Police Academy. The new ACSC will predominantly be staffed by members of the Department of Defence forces. It will have a ‘layered’ approach so that some industry personnel will be allowed into the ACSC to work alongside the government.

As with ACORN, one of the aims is to get agencies and staff from different security disciplines in the same place, able to work together and share information, data and planning. Just as the hackers do.

White House Hacks

All this activity across the Australian cybersecurity spectrum comes at the same time as concern is voiced in the US about actual implementation of cybersecurity planning and protection. In a recent post the Washington Times cites internal federal agency reports. These show multiple system hacks of sensitive government agencies, including the White House, in recent months.

The concern is that recommendations and updates simply aren’t being enacted, with recommendations going back to 2010 still being ignored. It’s another reminder of the speed that the cybersecurity world runs at, and how constant the vigilance needs to be.

Related Posts

• 

  Access denied: how governments can boost public servants’ cybersecurity skills
  Access denied: how governments can boost public servants’ cybersecurity skills
• 

  Australia’s top home affairs official sacked for breaching code of conduct
  Australia’s top home affairs official sacked for breaching code of conduct
• 

  US federal government considers waiving incentive limits for new recruits; Canada warns officials of personal data breach: management & workforce news in brief
  US federal government considers waiving incentive limits for new recruits; Canada warns officials of personal data breach: management & workforce news in brief
• 

  From crowdsourcing to gamification: devising next-generation innovation strategies in government
  From crowdsourcing to gamification: devising next-generation innovation strategies in government