A greater emphasis on end user training is needed if the government wants to improve the national e-security agenda, according to the Australian Computer Society's submission to the Department of Communications, Information Technology and the Arts in its review of the E-Security National Agenda.
The review, which was announced in late March, closed on May 8.
The ACS believes removable media and storage devices, VoIP, public wireless hotspots, instant messaging, online gaming and the commercialization of vulnerability research will present major security threats in Australia.
"Current e-security measures won't adequately protect Australians as our critical infrastructure, business and financial resources are increasingly migrated to the Internet," according to ACS president Philip Argy.
"We believe it is essential that in the review, the government considers methods such as behaviour blocking, virus throttling, protocol anomaly protection and generic exploit blocking to protect governments, businesses and the community.
"End users are the weakest link in the e-security framework, because of diverse ways people can now connect to corporate and government networks. The home user also faces increasing threats, as they are being enticed to upgrade to broadband connections without being educated about the need to implement significantly better firewall and virus protection systems for their always-on connections."
At a national security seminar held last week, Unisys public sector managing partner Allen Koehn said only when standards governing both policy and technology are defined will the industry move away from simply discussing systems and solutions.
"This will provide the framework for public and private sectors to share information and to approach national security as a single, secure, ecosystem making Australia secure," Koehn said.
The ACS has listed 11 points it believes the government must take into consideration when reviewing e-security issues, such as exerting pressure on software developers to produce secure software, collaborating with ISPs to maximize protection for home and business users, establishment of a national e-security expert technical advisory board to address threats of a high magnitude and ensure home users have "appropriate add-on security systems on their computers that take a multilayered approach to security".
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.