Federal Government unveils a new CERT

Powered by SC Magazine
 

Suspends CNVA program.

The Federal Government has unveiled a new point of contact for cyber-security issues in Australia.

CERT Australia, announced last night by Attorney General Robert McClelland, would combine existing CERT arrangements under the one organisation.

The CERT, which would be created using $8.8 million worth of funding announced in May, would be set-up as one of the recommendations from the E-Security Review 2008.

The government has also suspended funding for the Computer Network Vulnerability Assessment (CNVA) program.

The CNVA program, which was run by existing CERT GovCERT.au, assisted organisations that owned or managed critical infrastructure. It had nine rounds of "dollar-for-dollar" funding which helped government and businesses test the security of their computer networks and systems.

"Due to other priority work involved in setting up CERT Australia within the Australian Government, the CNVA Program will be suspended until further notice," the Attorney General web site stated as of last night.

"The Program is likely to be re-activated in the future, however no decision has been made on timing."

Privately-run AusCERT, which considers itself "the primary Australian contact for dealing with Internet security threats and vulnerabilities affecting Australian interests" was unavailable for comment today.

AusCERT already provides technical security advisories to the Federal Government, among other clients. In a media statement in May, AusCERT said it would "look to develop a range of new premium services" should the Government start providing such advisories for free.

In September, AusCERT general manager Graham Ingram, sat before a Cybercrime Inquiry and was asked if a Commonwealth take over of the organisation would be better for Australia.

Ingram disagreed with the idea, stating that he didn't like the idea of bureaucrats running it.

"I would like to see the idea of a partnership with government [because] a takeover would not be a good outcome because we have twenty people who are literally geeks who do this stuff really well," he said.

"If you replace those twenty people with twenty policy bureaucrats I don't think you're going to have an outcome [where] you're going to be increasing our capacity to do the job. But again, I think that's probably the taxpayer who needs to make that judgement in terms of investment well met."

What do you think? Should the Government run Australia's CERT or should it be run by private organisations?


Federal Government unveils a new CERT
 
 
 
Top Stories
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
Will Nutanix be outflanked before reaching IPO?
VMware muscles in on storage startup in hyper-converged infrastructure.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  7%
 
Insider threats
  11%
TOTAL VOTES: 585

Vote