Is Australia ready to thwart the cyber attacks?

| February 28, 2014

There is cause for concern that Australia’s change of government has slowed down initiatives to protect businesses and institutions defend against online attacks. Dr Tanveer Zia, a cyber security researcher at Charles Sturt University, calls for the development of an Australian framework.

According to a recent publication ‘Strategies to Mitigate Targeted Cyber Intrusions’ produced by Cyber Security Operations Centre in Australian Signals Directorate (ASD), Australian computer networks are being targeted by adversaries seeking access to sensitive information. The publication which was originally published in 2010 has been reproduced in February 2014. This coincides with the US Government Cybersecurity Framework’ produced by the National Institute of Standards and Technology (NIST) and released on 12 February 2014.

The ASD publication provides a comprehensive checklist of strategies which can be implemented at operational level to prevent from the cyber intrusions. However, there is a need for a holistic approach towards cybersecurity because the cyber threats are evolving along with the technological advancements. Collaboration among government organisations, industry and academic institutions can assist organisations in managing their cybersecurity risks.

Australian government agencies should use the Cyber Security Framework as a benchmark and develop a similar model. The Gillard Government launched the Australian Cyber Security Centre (ACSC) as part of its Strategy for Australia’s National Security in early 2013 and committed $1.46 billion until 2020 to bolster the cyber-security, but a change in government has slowed those initiatives. While writing this blog I wanted to consult the Australia’s National Security Strategy from the Department of the Prime Minister and Cabinet (DPMC) website but the link to ‘’ returned with the message ‘The page you are looking for has been moved or does not exist’ and a search for ‘Strategy for Australia’s National Security’ on DPMC website returned zero results. This shows an alarming lack of interest in cybersecurity from Australia’s top office. On the other hand cybersecurity was announced as one of the strategic research priorities in 2013 by Department of Industry.

There seems to be lack of synchronisation among government departments. Agencies such as Australian Signals Directorate (ASD), Australian Defence Force, Defence Science and Technology Organisation (DSTO), Australian Security Intelligence Organisation, Attorney-General’s Department and Australian Federal Police should take a leading role in developing and disseminating a unified approach towards cybersecurity.

The Australian Government needs to support cyber-security measures because there has been an increase in sophisticated and targeted attacks on networks in both government and businesses. Close to 10,000 incidents related to cyber-security were reported to Australia’s national computer emergency response team (CERT) in 2012, the latest data available so far.