The pledge of $1.46 billion by the Australian Government into cyber security will potentially be used for situational awareness.
That is according to Trend Micro A/NZ managing director, Sanjay Mehta, who draws parallels to the US$6 billion the US Government set aside for its own initiative.
“The US calls it continuous monitoring and the amount is solely for that,” he said.
Situational awareness is fundamentally about visibility and what is going on with a network on an ongoing basis, combining both technology and “people who understand it,” according to him.
For that reason, Mehta expects the Australian Government’s approach is not going to be too different from any other major Government’s.
“They are all worried about targeted attacks, the ones that are unknown and unseen in nature,” he said.
Unlike the old style of attack which would appear and cause havoc, the new approach is to covertly plant the malware in systems which may then lay dormant for months.
As a result, the presence of the malware may not be immediately clear until it wakes up to carry out the attack.
Mehta characterises it as a “very slow and calculated” attack, but when it affects the system, it is usually in a “bad way.”
“Getting the insight into what is going on in the environment and picking up on that early before it really bites is a huge focus, and it will be a big focal point for cyber efforts here,” he said.
One of many
The $1.46 billion amount is quite specific, and Mehta admits to being curious in how the Australian Government came up with the number.
“Whether it is one or six billion, they are huge sums of money and it is a good start,” he said.
“It is certainly a lot better than zero.”
While Mehta is unable to speculate on how the money will be split up, he expects “lots of integrators” will be involved and there will be “tons of technologies” along the way, not to mention bureaucracy.
“Where that money goes is fairly masked to everybody,” he said.
“As for how much is actually targeted at the problem itself, it is tough to say.”
One thing Mehta is willing to bet on is that the investment by the Government, while sizable, will not be the last one it makes into cyber security.
“I’ve worked in the industry for 15 years, and every time someone announces a ‘be all end all’ solution, the bad guys turn around and adjust the attack vector by a few degrees, and off goes the chase again,” he said.
Mehta reiterates that there is “no silver bullet” to the security problem, and since the threat environment changes so quickly, the $1.46 billion may not be enough.
“They have list of things to achieve with that $1 billion dollars, and those priorities will change as we move forward and the threat profile changes,” he said.
“It will be reprioritised as the years go by and threats change, but it’s a good start.”
Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.