Australian cyber 'readiness' lags amidst 'arms race'

Perceived arms race is on.

Despite recent efforts to bolster cyber security at a national level within Australia, it lags behind smaller countries at a time when most security professionals believe there's a cyber arms race going on.

According to McAfee, which sponsored a study by Belgian-based think tank, Security & Defence Agenda, 57 per cent of security experts believe a cyber arms race is taking place today.

The study canvassed the views of “80 world-leading policy-makers and cyber-security experts in government, business and academia in 27 countries and anonymously surveyed 250 world leaders in 35 countries”, according to McAfee.

Respondents included staff from security and enforcement agencies such as Interpol, the UN and NATO, as well as academics and service providers.

Israel, Sweden and Finland were ranked as the world's leaders with near perfect digital fortresses, according to the study, which will form a talking point at the think tank's cyber-governance conference Monday, looking at regulating the internet, for example, through potential sanctions against ‘wrongdoers’.

Australia was given middle of the road "3.5" (out of 5 star) rating, based on a methodology developed by Robert Lentz, a former chief information security officer for the US Department of Defence, that takes "cyber-maturity" to mean "predictive cyber-readiness and agility in one’s own area and with partners", covering "supply chain risk management, and comprehensive education and training, starting with the ordinary user to the core group of cyber-defenders."

On par with Australia were Austria, Canada and Japan, while Denmark, Estonia, France, Germany, the Netherlands, Spain, the UK and US were ahead with four stars,

The study ranked 23 counties, including China and Russia (ranked behind Australia), which were named by several participants as the source of most attacks that were causing world leaders to rethink cyber security strategies.

One of the Australian respondents, Ed Dawson, a senior advisor at Queensland University of Technology's Information Security Institute, suggested Australia's private sector tended to shrug off cyber security.

"With electricity for instance we'll have the distributor saying that cyber security is the responsibility of the power generators. It's like they're waiting for an accident to happen."

Australia's voluntary ISP anti-botnet code came under fire from another respondent, Tim Scully, head of cyber security at BAE Systems and chief of its security company, stratsec.

"The problem with voluntary codes is their uneven application," he said, but commended the Australian government for attempting to tackle it.

He added that “Governments tend to move slowly, but with cyber-security we need to move fast. Cyber-security is a social problem, not just a military problem. We talk in terms of national security, but we should talk in the context of national interest.”

However, Australia's involvement in coordinated cyber defense activities such as Cyber Storm, under the "Five Eyes" alliance with other English speaking nations, including the UK, New Zealand, the US and Canada, was seen as a plus, according to Rafal Rohozinski, chief of Canadian security outfit, The SecDev Group.

Join the CSO newsletter!

Error: Please check your email address.

More about BAE Systems AustraliaDepartment of DefenceInterpolMcAfee AustraliaNATOQueensland University of TechnologyQueensland University of TechnologyTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Liam Tung

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place