Daily BulletinHoliday Centre

The Conversation

  • Written by Greg Austin, Professor UNSW Canberra Cyber, UNSW
The Conversation

This article is part of a series examining the Coalition government’s record on key issues while in power and what Labor is promising if it wins the 2019 federal election.

The government’s chief cyber security coordinator, Alastair McGibbon, told an audience of specialists in November 2018 that the prospect of a catastrophic cyber incident is:

the greatest existential threat we face as a society today.

Using a nautical metaphor, he said such an event was not far off on the horizon, but could be on the next wave. He cited what one technology expert called the most devastating cyber attack in history, the NotPetya attack in 2017. NotPetya was a random attack on a single day that cost one Danish global company more than A$400 million dollars.

The latest dire warning from the government is appropriate, yet its policy responses have not quite matched the challenge – or their own commitments.

Read more: Should cyber officials be required to tell victims of cyber crimes they've been hacked?

Cyber security is everyone’s business

The government is 16 months into a departmental reorganisation in order to deliver better cyber security responses, especially through the new Home Affairs Department. That department has been very busy with everyday skirmishes in the escalating confrontations of cyberspace – from Huawei and 5G policy, to foreign cyber attacks on Australian members of parliament.

But Home Affairs is not the only department with a broad responsibility in cyber security policy. On the military side, the Defence Organisation has moved decisively and with discipline. In 2017, it announced the creation of a 1,000-strong joint cyber unit to be in place within a decade. It also announced increased funding to expand the number of people working in civilian defence roles on cyber operations.

Another department with potentially heavy responsibilities is the Department of Education, working with universities, the TAFE sector and schools. Unfortunately, it appears to be missing in action when it comes to cyber security.

Key plans have stalled

In April 2016, Prime Minister Turnbull released a National Cyber Security Strategy. It included commitments to grow the cyber workforce (especially for women), expand the cyber security industry and undertake annual reviews of the strategy itself.

But in key places the ambitious plans appear to have stalled or fallen short. As a result of the Turnbull overthrow, the post of Minister for Cyber Security – which was only created two years previously – disappeared. The 2018 annual review of the strategy was not released, if it took place at all. The annual threat report of the Australian Centre for Cyber Security (ACSC) did not appear in 2018 either.

In November 2018, AustCyber, an industry growth centre that is one good outcome of the 2016 strategy, published its second Sector Competitiveness Plan. Typical of government funded agencies, it reports much good news. Australia is indeed an international powerhouse of cyber security capability. What is unclear from the report is whether the government’s 2016 strategy has much to do with that.

Read more: Why international law is failing to keep pace with technology in preventing cyber attacks

Where we’re falling short

One indicator that we’re off-track is the fact the AustCyber report of 2018 has no data on the participation of women in the sector after 2016. Reports from the decade prior to 2016 showed a decline from 22% down to 19%, but the government does not appear to be tracking this important commitment after it was made.

In other bad news, the AustCyber report concludes that the education and workforce goals remain unfulfilled. It is hard to estimate how badly, since the initial strategy of April 2016 set no baselines or metrics. AustCyber now assesses that:

the skills shortage in Australia’s cyber security sector is more severe than initially estimated and is already producing real economic costs.

On the government’s commitment to increase the cyber workforce, AustCyber reports growth over the previous two years of 7% – roughly 3.5% per year. But it probably needs to be of the order of 10% per year for a full ten years if the gap identified by the report is to be met:

The latest assessment indicates Australia may need up to 17,600 additional cyber security workers by 2026 …

The government has provided $1.9 million over four years to promote university cyber security education in two Australian universities. That amount is so small it might not even be called a drop in the ocean. As AustCyber suggests, though in muted language, Australia does have huge resourcing holes in our cyber security education capability.

The most important gap in my view is the near total lack of university degree programs or professional education in advanced cyber operations, the near total lack of technical education facilities to support such programs, such as advanced cyber ranges, and a weakly developed national capability for complex cyber exercises.

What we should be doing

In 2018, I argued at a national conference sponsored by the government that Australia needs a national cyber war college, and a cyber civil reserve force, to drive our human capital development. I suggested at the time the college should be set up with a budget of A$100 million per year. Based on a recent international research workshop at UNSW Canberra, I have changed my estimate of cost and process.

Australia needs a cyber security education fund with an initial investment of around A$1 billion to support a new national cyber college. It should be networked around the entire country, and independent of control by any existing education institutions, but drawing on their expertise and that of the private sector.

It would serve as the battery of the nation for cyber security education of the future.

Read more: The public has a vital role to play in preventing future cyber attacks

Labor isn’t offering a better alternative

The Labor Party, through its cyber spokesperson Gai Brodtmann, has been critical of the government’s failure to fill the gaps. But she is retiring from the House of Representatives at the next election.

Labor has no well developed policies, and no budget commitments, that can address the gaps. There is even reason to believe the party doesn’t have a front bench that is engaged with the scope of the challenge. None of them seem to be as technologically oriented as Turnbull, the last cyber champion the Australian parliament may see for a while.

Authors: Greg Austin, Professor UNSW Canberra Cyber, UNSW

Read more http://theconversation.com/australia-is-vulnerable-to-a-catastrophic-cyber-attack-but-the-coalition-has-a-poor-cyber-security-track-record-113470

INTERWEBS DIGITAL AGENCY

The Conversation

Politics

Closing the Gap Statement to Parliament

Mr Speaker, when we meet in this place, we are on Ngunnawal country. I give my thanks and pay my respects to our Ngunnawal elders, past, present and importantly emerging for our future. I honour...

Scott Morrison - avatar Scott Morrison

Prime Minister Interview with Alan Jones

ALAN JONES: Prime Minister, good morning.    PRIME MINISTER: Good morning, Alan.    JONES: I was just thinking last night when we're going to talk to you today, you must feel as though you've ...

News Company - avatar News Company

Prime Minister Bridget McKenzie press conference

PRIME MINISTER: Good afternoon everybody. The good news is that the Qantas flight is on its way to Wuhan and I want to thank everybody for their cooperation, particularly the Chinese Government as...

Scott Morrison - avatar Scott Morrison

Business News

Is Hiring a Corporate Lawyer for Your Company Necessary?

Alternative online legal services like LegalZoom, Incfile, and Rocket Lawyer provides young and budding entrepreneurs access to legal help at a much affordable price without having to hire or meet a l...

Joe Curmi - avatar Joe Curmi

Top 5 Green Marketing Ideas for Your Eco-Friendly Small Business

According to studies, about 33 percent of consumers prefer buying from brands that care about their impact on the environment. This is good news for anyone running an eco-friendly business. It’s a...

Diana Smith - avatar Diana Smith

Choosing the Right Coworking Space For Your Business

As the capital of Victoria in Australia, Melbourne is inhabited by millions of people and is known as one of the most liveable cities in the world. The latter is due to the city’s diverse community...

Sarah Williams - avatar Sarah Williams

Travel

Travelling With Pets? Here Is What You Should Know

Only a pet parent can understand the dilemma one experiences while planning a vacation. Do you leave your pets at home?  Will you get a pet sitter or someone to take care of them while you are away?...

News Company - avatar News Company

How to Be a Smart Frugal Traveller

You are looking through Instagram, watching story after story of your followers overseas at a beach in Santorini, walking through the piazza in Italy, and eating a baguette in front of the Eiffel ...

News Company - avatar News Company

HOW TO PREPARE FOR YOUR GRADUATION TRIP

Graduation is the stage of life when a student receives the rewards of hard work of years. It must have taken sleepless nights and tiring days to achieve the task. Now, as you have received your cov...

News Company - avatar News Company

ShowPo