Australian government agencies and businesses should be ashamed of themselves if they don’t take advantage of a rare perfect storm of support for the local cybersecurity industry, the prime minister’s special advisor on cyber security has advised while noting a “radical” increase in the rate of cybersecurity-related work during 2017 alone.
Speaking to a capacity Cybersecurity Innovation Day crowd at the Cisco Live! conference in Melbourne, Alastair MacGibbon – one of several key people appointed to head the delivery of the government’s $230m Cyber Security Strategy (CSS) – was enthusiastic about the “particularly remarkable” ramp-up of hiring and policy development among the numerous agencies that are being aligned to execute the CSS.
The fact that the CSS was not only far-reaching but was “actually funded” had underscored the PM’s commitment to the space and highlighted the opportunities that the industry had created, MacGibbon said.
This support, which was feeding tighter engagement of a range of related bodies and a concerted effort at industry development as well as policy enforcement, had created “quite a palpable difference in the mood of the community” since the strategy was announced early last year.
“In this community it’s fair to say there is quite a lot of excitement,” McGibbon said, “and not just because of the strategy but because of the things that have been done so far.”
“The cadence of the work we do has radically increased – and in 2017 the pace has been even greater than our exit velocity in 2016. We’re working on a whole range of things that weren’t even in the strategy itself.”
The 24 February opening of the first of several Joint Cyber Security Centres (JCSC) – collaborative spaces led by CERT Australia and uniting public and private organisations with law enforcement and critical infrastructure agencies – represented a concrete step forward and a “particularly remarkable capacity for a country like Australia to have,” MacGibbon said.
“The ability to bring six agencies together and provide operational response and analysis of events as they occur – and not just across government systems but also large corporates and other sites – is a truly unique national asset,” he said.
“It’s the best way to work out how to share the capacities we have today, to learn from industry, and to grow solutions within Australia to protect ourselves.”
The structure of Australia’s cybersecurity response has been a point of discussion in recent days, with some researchers concerned about reports that the prime minister was considering consolidating emerging cybersecurity capabilities into an overarching US Homeland Security styled-agency.
UNSW Canberra professor Greg Austin was amongst the cybersecurity academics warning about taking the enthusiasm about cybersecurity too far. “This would be a 2001 solution to an American security problem that looks wildly inappropriate for Australian security needs looking out to 2025 and beyond”, he said in a statement this week.
“Our research on threats to Australia suggest urgent needs in niche areas, such as critical infrastructure protection in cyber space and fighting cyber crime. We do need institutional reform to address that, such as a uniformed cyber defence force for the civil sector, but not a wholesale imitation of the U.S. model. ASIO and the Australian police, federal and state, are doing a good job on the counter-terrorism front, unlike their U.S. counterparts in 2001.”
MacGibbon was confident that the changes currently being driven through Australia’s industry would allow for a unified defence that can also, thanks to collaboration with regional authorities, provided the strong ability to address regionally distinct issues – providing “a concept of how we share information and, most importantly, how we respond to issues geographically.”
“That’s the big question: how we open up those capabilities on both sides of the house, and how we share information in a truly national perspective,” he said. “A lot of us have been waiting a long time to create change in this space – and if we don’t take advantage of this proper funding and proper political engagement – well, shame on us.”