Page 38 - AAPT March 2019
P. 38
Cyber Technology
New guidelines for responding to
cyber attacks don’t go far enough
New guidelines for responding to cyber UK’s National Health Service, at a cost training programs in Australia for this
attacks don’t go far enough of A$160 million. NotPetya shut down specialist task. Our universities, for
Recent debates about cyber security the world’s largest shipping container the most part, do not teach – or even
in Australia have largely centred around company, Maersk, for several weeks, research – complex cyber incidents on
the passing of the government’s costing it A$500 million. a scale that could begin to service the
controversial Assistance and Access When costs for random cyber attacks national need.
bill. But while government access to are so high, it’s vital that all Australian The federal government must move
encrypted messages is an important governments have coordinated quickly to strengthen and formalise
subject, protecting Australia from response plans to high-threat incidents. arrangements for collaboration with
threat could depend more on the task The CIMA sets out inter-jurisdictional key non-governmental partners –
of developing a solid and robust cyber coordination arrangements, roles and particularly the business sector, but
security response plan. responsibilities, and principles for also researchers and large non-profit
Australia released its first Cyber cooperation. entities.
Incident Management Arrangements A higher-level cyber crisis that would Critical infrastructure providers,
(CIMA) for state, territory and federal trigger the AGCMF (a process that itself such as electricity companies, should
governments on December 12. It’s looks somewhat under-prepared) is be among the first businesses targeted
a commendable move towards a one that: for collaboration due to the scale of
comprehensive national civil defence … results in sustained disruption to potential fallout if they came under
strategy for cyber space. essential services, severe economic attack.
Coming at least a decade after damage, a threat to national security To help achieve this, CIMA outlines
the need was first foreshadowed by or loss of life. plans to institutionalise, for the first time,
the government, this is just the initial More cyber experts and regular cyber incident exercises that
step on a path that demands much address nationwide needs.
more development. Beyond CIMA, the cyber incident exercises Better long-term
government needs to better explain
to the public the unique threats posed At just seven pages in length, in glossy planning is needed
by large scale cyber incidents and, on brochure format, the CIMA does not
that basis, engage the private sector outline specific operational incident While these moves are a good start,
and a wider community of experts on management protocols. there are three longer term tasks that
addressing those unique threats. This will be up to state and territory need attention.
governments to negotiate with the First, the government needs to
Australia is poorly Commonwealth. That means the construct a consistent, credible and
protocols developed may be subject
durable public narrative around the
prepared to competing budget priorities, political purpose of its cyber incident policies,
appetite, divergent levels of cyber and associated exercise programs.
The aim of the new cyber incident maturity, and, most importantly, staffing Former Cyber Security Minister Dan
arrangements is to reduce the scope, requirements. Tehan has spoken of a single cyber
impact and severity of a “national cyber Australia has a serious crisis in the storm, former Prime Minister Malcolm
incident”. availability of skilled cyber personnel Turnbull spoke of a perfect cyber storm
A national cyber incident is defined as
being of potential national importance, in general. This is particularly the (several storms together), and Cyber
Coordinator Alastair McGibbon spoke
case in specialist areas required for
but less severe than a “crisis” that would the management of complex cyber of a cyber catastrophe as the only
trigger the government’s Australian incidents. existential threat Australia faced.
Government Crisis Management Government agencies struggle to But there is little articulation in the
Framework (AGCMF). compete with major corporations, such public domain of what these ideas
Australia is currently ill-prepared to
respond to a major cyber incident, such as the major banks, for the top-level actually mean.
recruits.
The new cyber incident management
as the Wannacry or NotPetya attacks The skills crisis is exacerbated by arrangements are meant to operate
in 2017. the lack of high quality education and below the level of national cyber crisis.
Wannacry severely disrupted the
38
