​Collaborating to Create Stronger Intelligence Networks

It would be easy to sit back and think that all the threat actors out there, trying to break into our systems to steal data or cause mayhem, are working in isolation. But the days of the lone wolf sitting in a darkened room, with a hoodie pulled low over their face, are well behind us.

The bad guys are well resourced and operate in a collaborative environment where zero-day exploits are traded, toolkits for creating malware are sold and botnets for executing attacks can be rented for carrying out anything from a phishing campaign to a large scale DDoS attack.

Dr Maria Milosavljevic is Chief Information Officer of AUSTRAC, the Australian Transaction Reports and Analysis Centre. AUSTRAC is Australia's financial intelligence agency and has regulatory responsibility for anti-money laundering and counter-terrorism financing. They identify threats and criminal abuse of the financial system, and act to protect Australia's economy.

Their vision is to work closely with law enforcement, national security, regulatory and private sector partners in order to better detect, prevent and disrupt financial crime through collaboration, innovation and information and actionable advice sharing on a global scale.

Milosavljevic began her presentation at the recent Technology in Government conference held in Canberra by painting a picture of the world AUSTRAC sees.

There has 300% increase in terrorism reporting over recent years with organised crime costing the Australian economy around $36B. Cybercrime topped Australia’s list of economic crimes. There are over 115,000 bitcoin transactions each day and $12B are being invested in fintech startups, signalling a significant change in how financial markets work.

Global collaboration is a challenge she says. Financial systems are founded upon standards but this needs to be challenged she says.

“If you’re talking about a small country that doesn’t have the same level of innovation as a large country, how does the larger country assist them? It’s not just about giving them money. It’s about being on-site and understanding their context and truly helping them improve their capability”.

So, what does excellence look like? Milosavljevic says one of the key things is to share with intent.

“Rather than overloading everyone with everything, it’s about truly understanding what you’re truly trying to achieve and then understanding what we have to offer and vice-versa. Rather than just dumping information, it’s about actually being more responsible, taking responsibility for what you share rather than just needing to share”.

Milosavljevic reiterated a model that was used by several other speakers at the conference – the idea of a “data lake”. This is a large body of raw data from which machine learning systems, data marts and network discovery tools can be used to extract useful insights and actionable advice.

This is different to the traditional data warehouse or data mart model. The data lake is a large unfiltered mass of data which is not created with the intent to answer specific questions. Data warehouses and data marts were usually designed to answer specific business questions. With a data lake, it’s possible to ask almost any question from the data.

What will success look like?

The most important success factor, says Milosavljevic, is ensuring alignment of the intelligence network with the needs of the businesses that are involved. The user experience has to come first.

“What are we trying to achieve? Who are the real people, doing real work, under what scenarios and how do we make a difference?”.

There’s also a need to be experimental and to prepared to fail fast and move forward. This extends to realising the system may never be “done” and development and refinement will be ongoing, rather than being like a traditional project with a beginning, middle and end.

Milosavljevic’s final point was the need to break down silos.

“We see silos everywhere. Between organisations, between teams and, of course, country borders. Australia will only share within Australia. It’s not a domestic problem”.

Join the CSO newsletter!

Error: Please check your email address.

Tags credentialsSnapSendSolve@techingovauTechnology In GovernmentSeeClickFixcyber security#techingovauAnthony CaruanaTech in GovAnthony CaruanaAuthorisationopen datacanberraopen governmentgovernmentTechinGovAUCSO AustraliaOutware Mobileidentity management

More about Australian Transaction Reports and Analysis CentreTechnology

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Anthony Caruana

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place