Friday, 06 September 2019 17:10

Govt hints it wants bigger role in cyber security, invites input Featured

By
Peter Dutton: "The government's 2016 Cyber Security Strategy has strengthened Australia's national cyber security footing, deepened our engagement with industry, and positioned Australia as a prominent regional leader in cyber security." Peter Dutton: "The government's 2016 Cyber Security Strategy has strengthened Australia's national cyber security footing, deepened our engagement with industry, and positioned Australia as a prominent regional leader in cyber security."

The Federal Government has indicated that it would like to play a much bigger role in managing cyber security incidents in Australia, releasing a discussion paper and inviting views from all and sundry towards drafting a cyber security strategy for 2020.

The paper, released by Home Affairs Minister Peter Dutton on Friday, says the 2020 strategy will build on the 2016 strategy that was put in place by former prime minister Malcolm Turnbull.

Dutton said the new strategy would be developed in close collaboration with industry, research partners and community groups.

"Strong collaboration and partnerships are vital to ensure this strategy is well positioned to tackle the cyber security challenges we face as a nation," he said.

Within the paper, the government gave a hint that it might like to have a closer look at changing the laws that govern the cyber environment.

"The government currently uses its cyber security capabilities within a legislative framework that was established before the Internet became a foundational element of our economy, and without a modern perspective on how malicious cyber activity crosses traditional geographical borders," the discussion paper says.

"Government’s activity is also regulated strictly by law and subject to extensive external and independent scrutiny to protect the privacy of Australians."

Last year, News Corporation newspapers reported that the Australian Signals Directorate was looking at extending its surveillance to Australians. This year, the Australian Federal Police raided the home of Annika Smethurst, the reporter who wrote the story. The government has denied that the ASD would extend its role in this manner.

The raid has been followed by court action, taken by News Corporation, along with the ABC which was raided over another story.

Another section of the discussion paper also hints that the government would like a freer hand in dealing with cyber incidents. "Under existing legislative frameworks, government can only take direct action to prevent or respond to cyber security incidents with the permission of network owners (including other government agencies)," the paper says.

"This takes time and gives malicious actors an advantage. In national emergency situations, it may be appropriate for government agencies to take swifter action."

As an example, the paper cites the Bluekeep vulnerability in older versions of Windows and suggests that there are as many as 50,000 vulnerable machines in the country, it might be better for the government to act to identify vulnerable systems before a worm based on this flaw was released.

The discussion paper includes a number of questions seeking input and comments can be submitted until 1 November.

Commenting on the release of the consultation paper, Kevin Vanhaelen, regional director for Asia-Pacific at security firm Vectra, said: "The release of today’s consultation paper is an important step in protecting Australia from foreign threats. State-sponsored attackers, seeking to do economic and political damage to another country, are naturally drawn to critical infrastructure and services.

"At one time, manufacturing, transportation, utilities, energy and other critical infrastructure were thought to be impervious to cyber attacks because the computers used to operate them did not access the internet and were separate from the corporate network. This is no longer true. The risk of nation-state threats, espionage and internal exposure has risen in today's age of connectivity."

Vanhaelen said nation states had plenty of resources, were innovative and highly motivated whereas organisations had limited time and limited human and technical resources to protect rapidly expanding attack surfaces.

"Nation states, or their sponsored proxies, have broad motivations, and expecting the unexpected is a difficult task. All organisations therefore need to realise that breaches are a case of 'when not if' and so equip themselves to identify and respond to attacks to remediate them in their early stages before catastrophic damage is done," he added.

LEARN HOW TO REDUCE YOUR RISK OF A CYBER ATTACK

Australia is a cyber espionage hot spot.

As we automate, script and move to the cloud, more and more businesses are reliant on infrastructure that has high potential to be exposed to risk.

It only takes one awry email to expose an accounts payable process, and for cyber attackers to cost a business thousands of dollars.

In the free white paper ‘6 steps to improve your Business Cyber Security’ you will learn some simple steps you should be taking to prevent devastating malicious cyber attacks from destroying your business.

Cyber security can no longer be ignored, in this white paper you will learn:

· How does business security get breached?
· What can it cost to get it wrong?
· 6 actionable tips

DOWNLOAD NOW!

ADVERTISE ON ITWIRE NEWS SITE & NEWSLETTER

iTWire can help you promote your company, services, and products.

Get more LEADS & MORE SALES

Advertise on the iTWire News Site / Website

Advertise in the iTWire UPDATE / Newsletter

Promote your message via iTWire Sponsored Content/News

Guest Opinion for Home Page exposure

Contact Andrew on 0412 390 000 or email [email protected]

OR CLICK HERE!

Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

VENDOR NEWS & EVENTS

REVIEWS

Recent Comments