Cyber security funding welcomed by industry
- 24 January, 2013 09:05
The federal government’s $1.46 billion funding in improvements to cyber security networks and establishment of an Australian Cyber Security Centre has received a largely positive response from information security professionals who say it is a good step forward.
Prime Minister Julia Gillard said the funds would help strengthen Australia’s most sensitive networks against attacks from cyber criminals and nation states. The Cyber Security Centre will be operational by the end of 2013 and combine existing security capabilities across the Attonery-General’s Department, Defence, the Australian Security Intelligence Organisation (ASIO), Australian Federal Police (AFP) and the Australian Crime Commission (ACC) in one location.
Gartner Australia research director Rob McMillan told Computerworld Australia that Gillard’s announcement has been a long time coming.
“This is a good step forward, it’s more evolutionary than revolutionary,” he said. “If you look at the major bullet points of the National Security Strategy (PDF), a lot of these have been talked about before such as co-operation with industry and the trusted information security network.”
McMillan added that the Australian government will continue to make security improvements to their technical infrastructure but this will not stop the cyber criminals from trying to find ways in.
“This is the natural order of security. The 'bad guys' keep trying to get in and the good guys will keep building stronger defences. An arms race is a good way to describe it.”
Australian Computer Society (ACS) CEO Alan Patterson said that alongside the recommendations of the National Security Strategy, the ACS would like to see the registration of ICT professionals to allow trusted authorities to share timely updates and information about security threats.
“These are standards that industry and the public takes for granted as being integral to the practice of many other high trust occupations such as law, medicine and accountancy,” he said in a statement.
Patterson also called for Australia to invest in research and development into security technologies which are relevant to protecting computing systems and information infrastructures in the digital economy.
“These include secure distributed information and network systems, mobile software systems, secure applications and Web-based online services.”
According to Huawei Australia chairman John Lord, the federal government’s commitment to bolster Australian security defences was encouraging.
“We stand ready and willing to work with industry and government to make this vision a reality,” he said in a statement. “Globally, Huawei is already working in partnership with governments and security agencies in this critical area.”
In October 2012, Lord proposed the establishment of a national cyber security evaluation centre in Australia to test the security credentials of technologies being implemented into critical infrastructure projects.
A Telstra spokesman said the telco would review details of the cyber security component which formed part of the National Security Strategy and look for opportunities to work with government and other parties to protect Australian interests.
“Cyber security is a key priority for government and industry alike. This announcement includes some significant initiatives that will improve and strengthen our joint efforts in the fight against cyber threats,” the spokesman said in a statement.
Trend Micro Australia and New Zealand managing director Sanjay Mehta said the funding sent a “strong signal” that the Australian government viewed cyber threats as a credible threat to national security.
“Whether or not the figure [of $1.46 billion] announced is sufficient or not, this is something that only time will tell, but it’s certainly a step in the right direction,” he said in a statement.
“If business and government cannot confidently do business online then this will be a huge drag on the economy as a whole.”
Mehta added that it will be “interesting” to see how the Australian Cyber Security Centre and the National Broadband Network (NBN) interact as the network will see every Australian resident, business and government department connected with an unlimited amount of bandwidth.
“This is a huge carrot to cyber criminals but we cannot be scared of this threat because the opportunities are so huge,” he said. “This means that we need a centralised approach to cyber security in Australia in preparation for the NBN connected future.”
Palo Alto Networks Australia and New Zealand senior consultant Tony Kirkham said that while the government cyber security initiative will have a positive impact, attacks are constantly evolving and require constant vigilance for Australia to remain adequately protected.
“It is vital that government agencies, state governments and the private sector maintain awareness of cyber-security risks and ensure that appropriate security controls are deployed.”
Follow Hamish Barwick on Twitter: @HamishBarwick
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.
Five trends affecting legal CIOs
CIO Roundtable: The changing face of security
Bitcoin malware count soars as cryptocurrency value climbs
Bouncing Back From CIO Unemployment
Union slams latest fibre-to-premise trial in Tasmania
Pathways Advanced ICT Leadership Development Program Course Outline and Big 6 2013
Developed by the CIO executive Council in conjunction with Rob Livingstone Advisory, Pathways Advanced is a 12-month CIO delivered, small group, mentor based professional leadership development program. Pathways Advanced brings together best practice, thought leadership and business insights for today’s most promising ICT professionals
Pathways Leadership Development Program Overview 2014
Whitepaper: Preventing Data Loss Takes More Than MDM
You need to secure your BYOD devices—but MDM alone isn't enough to prevent data loss. Read this whitepaper—Data Loss Prevention: When MDM Is Not Enough—to learn how to combat MDM shortcomings. See how to add cross-platform security, implement protection policies, and address risks in consumer apps.