Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Government, business battens hatches following Cyber Storm III

Cyber Storm III security exercise analysis highlights security gaps in business and government, Federal Attorney General, Robert McClelland, says

Major ASX-listed companies and government departments have been fine-tuning their cyber security in the months following their participation in international Cyber Storm III exercise, according to Federal Attorney General, Robert McClelland.

Speaking in Canberra about cyber security collaboration and the results of the Cyber Storm III exercise, released today, McClelland said organisations such Telstra, ASX, Woolworths, and ANZ, as well as government departments and agencies, had picked up valuable learnings about crisis management.

“The Cyber Storm III exercise provided a good test of new government processes including the interim cyber security crisis management plan, which allowed agencies to identify gaps and revise processes,” he said.

“Business organisations that participated advised that their internal processes were effectively tested, refined and improved, and that the exercise had provided an invaluable opportunity to engage with their CEOs on the importance of cyber security.”

McClelland said the training exercise revealed many areas where internal and cross-sector partnerships worked effectively to communicate and resolve issues, but also highlighted areas where communications and planning could be further developed.

“While it did highlight gaps within existing government and business cyber incident processes, particularly in regards to escalation procedures, this feedback allows both government and businesses to take steps to improve our cyber security.”

CyberStorm III was run in September 2010 and involved 50 participants were involved including Australian Government and state and territory agencies, and over 30 organisations from the banking and finance, energy, food, transport, water, IT and communications sectors.

The event was run as a ‘no-fault’ exercise, with the strategic national-level objective being to test and evaluate Australia’s new crisis management arrangements in order to most effectively address an international cyber security event of national significance

In its analysis of the effectiveness of the exercise, consultancy Jakeman Business Solutions said Cyber Storm III proved “very successful” in enabling people to practice, learn and review their performance in relation to others working within and across the broader cyber-related crisis management frameworks.

“Indeed, substantial ‘good will’ was generated between government and industry as part of the entire Cyber Storm III activity, and this should continue to be built upon,” the report (PDF) reads.

“The exercise planning and management process allowed for the development of trusted external organisational relationships that would assist in a real cyber event with training, tools and processes provided by [the Attorney General’s Department] serving as a good foundation for future use.

“Australia should continue to plan and undertake regular cyber exercises as part of a broader national and international engagement program that practices and evaluates performances across tactical, operational and strategic levels.”

According to the report, participants also listed the exercise as a cost-effective way of conducting a business continuity or disaster recovery exercise, and as an opportunity to network with people in their organisation and sector that they may need to engage with in a crisis situation.

Further, it provided an opportunity to exercise and test relationships with key vendors and stakeholders across sectors, to explore inter-dependency issues and build new relationships; build stronger resilience into business and supply chains; and, allow for the identification of opportunities for improvement.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: ANZ, C2, etwork, Telstra, Woolworths
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: cyber security, Cyber Storm III, security
Latest Blog Posts
Whitepapers
  • HP Imaging and Printing Services
    According to Gartner, a major focus for organisations today and in the foreseeable future is shifting from cost reduction to growth, expansion, innovation, and operational excellence. If your organization is serious about driving growth and innovation and improving customer experiences, you’ll find that a well-managed imaging and printing environment is key to these goals. A growing number of organizations are turning to services as a means of integrating imaging and printing into their overall IT infrastructure strategies. It may be one of the fastest ways to continue to drive down costs, fund innovation, and prepare your organisation to capitalise on future opportunities. Read more.
    Learn more »
  • Managing IBM License Complexity
    IBM provides thousands of products in its portfolio and uses a variety of license models, contract terms and conditions. These license models can be very complex, causing frequent confusion for organisations trying to grasp the concepts while maintaining license compliance. While at first IBM licensing may seem incomprehensible, some education on the license models and licensing scenarios will help minimise the confusion. In addition, a more automated approach to managing licenses enables organisations to gain control, reduce ongoing software costs and minimise license liability risks. Read on.
    Learn more »
  • Case Study: NZ Bus Develops Applications 60% Faster, Improves Database Performance by up to 35%
    Key Benefits: Developed applications 60% faster, Created development and test environments in minutes compared to days and weeks previously, Reduced server costs by 30% with server virtualisation, Saved NZ$40,000 in database administrator training costs, Provided high availability features that keep the database and core applications up and running in the event of a server failure, Introduced compression capabilities that improved database performance by 30% to 35%. Read on.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments