Security Market Segment LS
Tuesday, 21 July 2020 16:16

Panel offers 60 recommendations to guide development of cyber security strategy

Panel offers 60 recommendations to guide development of cyber security strategy Image by S. Hermann & F. Richter from Pixabay

The Federal Government's Industry Advisory Panel, set up to advise on Australia's 2020 Cyber Security Strategy, has offered 60 recommendations to bolster the countries defences.

The recommendations are centred around five key areas, the IAP said in a statement:

Deterrence: The government has been urged to establish clear consequences for those targeting businesses and Australians.

Prevention: Should include initiatives to help businesses and Australians remain safer online.

Detection: Development of a mechanism between industry and government for real-time sharing of threat information, beginning with critical infrastructure operators.

Resilience: Government should strengthen incident response and victim support options already in place.

Investment: The Joint Cyber Security Centre program should include increased resources and the establishment of a national board in partnership with industry, states and territories with an integrated governance structure underpinned by a charter outlining scope and deliverables.

The panel was made up of Telstra chief executive Andrew Penn (chair), Vocus Group chair Robert Mansfield, Tesla board chair Robyn Denholm, Northrop Grumman Australia chief executive Chris Deeble, NBN Co chief security officer Darren Kane and former US Secretary of Homeland Security Kirstjen Nielsen.

Commenting on the recommendations, Kaspersky ANZ general manager Margrith Appleby said: "The industry advisory panel reports that cyber security has never been more important. Cyber security must be an ongoing effort and not something that you do once and then put aside.

"Writing an internal business case to justify investing in cyber security protection can be challenging especially if businesses fail to view it this way. However, staying one step ahead and appreciating the true risk they pose to a business, needs to be part of the very DNA of running your operation.’’

Commenting on the recommendations, Ian Yip, chief executive of early stage venture capitalist Avertro, said: "The release of any government-initiated cyber security initiative helps with public awareness, which is great. The Industry Advisory Panel Report reads like a management consulting firm's report in that it is filled with industry-standard guiding principles and 'should' statements which with very few experts would argue.

"I particularly applaud the statement that 'the most senior leaders in both private and public sector organisations should have ultimate accountability for cyber security risk'. Lacking at this stage, is the 'how', which I'm hopeful the actual strategy addresses.

"The real challenge moving forward, is that a successful 2020 Cyber Security Strategy hinges upon the government's ability to scale the walls of behavioural change, and the apathetic attitudes towards cyber security that have been systemically engraved into the wider ecosystem.

"If the measures of success are not aligned across all key participating organisations, we are likely to fall prey to the same obstacles that befell the 2016 iteration of the strategy and once again, will not meet the intended outcomes that the well-meaning panel no doubt hopes we can achieve together as an industry."

On prioritising effectiveness, Yip said: "While it would have been nice to see better industry and sector balance across the panel participants, the recommendations make sense and very few industry professionals would disagree with them.

"It will be critical that the authors ensure they optimise for precision instead of leaving statements open to interpretation. Incentives for all involved must also be aligned or the management overheads will require an unbalanced amount of focus, thus taking away from effective execution of actions leading to intended outcomes."

And on the role of innovation in cyber security strategies, he had this comment: "It is great to see that the government realises the need to refresh its Cyber Security Strategy and adapt to the ever-evolving cyber threat environment. While it is commendable that the recommendations include the need to help organisations and citizens that may not have the necessary resources to combat cyber threats and manage their risks appropriately, we must actively acknowledge that local Australian cyber security capabilities and innovation play a real part in helping solve the overarching problem.

"Take the fast-growing start-up ecosystem as an example. Enabled by the support of AustCyber and accelerators like CyRise, we now have real experts and companies that can make an impact on a global level. It would do the industry a real disservice to view cyber security start-ups through the over-used lens of only requiring funding and support, rather than looking for opportunities where we can contribute to the macro challenge that the Cyber Security Strategy is aiming to tackle."

Roger Carvosso, strategy director at the ASX-listed global cloud security outfit FirstWave Cloud Technology, said: "This report is very timely, and a wake-up call again to Australian businesses. As a global cyber security company, we have seen first-hand the exponential growth in cyber threats during this pandemic, especially targeting SMEs. We have to be proactive in our approach to cyber reliance, not reactive. This report shows strong commitment to this approach which we applaud."

"This report is a good framework to meet the greatest business threat of our time – cyber crime. Most small businesses that get financially compromised by cyber crime like phishing and ransomware attacks find it very hard to survive.

"And, with the financial stress they are under now from this pandemic, it would be a double blow. Getting your business 'perimeter' cyber secure is a quick way to stop more than 90% of cyber threats before they reach the business. And as the report states, getting your staff trained to meet this challenge is mandatory, and an effective way to stop those that already reside in your business.

"The biggest challenge now for many small- and medium-sized enterprise is getting rubber on the road as we are now in the midst of the worst cyber crime spree the world has seen.

"With the huge growth in staff now working from home in a less cyber secure environment, businesses are now more at risk. We have witnessed our partners and customers move most staff to remote working and indications are that many won't return back to the office for a long time, if ever. Equipping staff with both training and technology is key to keeping ahead of this threat tsunami."

Read 4558 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here


The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.



It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site and prominent Newsletter promotion and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.


Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous




Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News