Federal Government unveils a new CERT

Powered by SC Magazine
 

Suspends CNVA program.

The Federal Government has unveiled a new point of contact for cyber-security issues in Australia.

CERT Australia, announced last night by Attorney General Robert McClelland, would combine existing CERT arrangements under the one organisation.

The CERT, which would be created using $8.8 million worth of funding announced in May, would be set-up as one of the recommendations from the E-Security Review 2008.

The government has also suspended funding for the Computer Network Vulnerability Assessment (CNVA) program.

The CNVA program, which was run by existing CERT GovCERT.au, assisted organisations that owned or managed critical infrastructure. It had nine rounds of "dollar-for-dollar" funding which helped government and businesses test the security of their computer networks and systems.

"Due to other priority work involved in setting up CERT Australia within the Australian Government, the CNVA Program will be suspended until further notice," the Attorney General web site stated as of last night.

"The Program is likely to be re-activated in the future, however no decision has been made on timing."

Privately-run AusCERT, which considers itself "the primary Australian contact for dealing with Internet security threats and vulnerabilities affecting Australian interests" was unavailable for comment today.

AusCERT already provides technical security advisories to the Federal Government, among other clients. In a media statement in May, AusCERT said it would "look to develop a range of new premium services" should the Government start providing such advisories for free.

In September, AusCERT general manager Graham Ingram, sat before a Cybercrime Inquiry and was asked if a Commonwealth take over of the organisation would be better for Australia.

Ingram disagreed with the idea, stating that he didn't like the idea of bureaucrats running it.

"I would like to see the idea of a partnership with government [because] a takeover would not be a good outcome because we have twenty people who are literally geeks who do this stuff really well," he said.

"If you replace those twenty people with twenty policy bureaucrats I don't think you're going to have an outcome [where] you're going to be increasing our capacity to do the job. But again, I think that's probably the taxpayer who needs to make that judgement in terms of investment well met."

What do you think? Should the Government run Australia's CERT or should it be run by private organisations?


Federal Government unveils a new CERT
 
 
 
Top Stories
The CISO’s dilemma: Do you trust your partner’s partner?
[Blog post] How far down the chain do you check?
 
Microsoft confirms Australian Azure launch
Available from next week.
 
NBN Co names first 140 FTTN sites
National trial extended.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
In which area is your IT shop hiring the most staff?




   |   View results
IT security and risk
  25%
 
Sourcing and strategy
  11%
 
IT infrastructure (servers, storage, networking)
  23%
 
End user computing (desktops, mobiles, apps)
  15%
 
Software development
  26%
TOTAL VOTES: 293

Vote
Would your InfoSec team be prepared to share threat data with the Australian Government?

   |   View results
Yes
  60%
 
No
  40%
TOTAL VOTES: 107

Vote