Federal Government unveils a new CERT

Powered by SC Magazine
 

Suspends CNVA program.

The Federal Government has unveiled a new point of contact for cyber-security issues in Australia.

CERT Australia, announced last night by Attorney General Robert McClelland, would combine existing CERT arrangements under the one organisation.

The CERT, which would be created using $8.8 million worth of funding announced in May, would be set-up as one of the recommendations from the E-Security Review 2008.

The government has also suspended funding for the Computer Network Vulnerability Assessment (CNVA) program.

The CNVA program, which was run by existing CERT GovCERT.au, assisted organisations that owned or managed critical infrastructure. It had nine rounds of "dollar-for-dollar" funding which helped government and businesses test the security of their computer networks and systems.

"Due to other priority work involved in setting up CERT Australia within the Australian Government, the CNVA Program will be suspended until further notice," the Attorney General web site stated as of last night.

"The Program is likely to be re-activated in the future, however no decision has been made on timing."

Privately-run AusCERT, which considers itself "the primary Australian contact for dealing with Internet security threats and vulnerabilities affecting Australian interests" was unavailable for comment today.

AusCERT already provides technical security advisories to the Federal Government, among other clients. In a media statement in May, AusCERT said it would "look to develop a range of new premium services" should the Government start providing such advisories for free.

In September, AusCERT general manager Graham Ingram, sat before a Cybercrime Inquiry and was asked if a Commonwealth take over of the organisation would be better for Australia.

Ingram disagreed with the idea, stating that he didn't like the idea of bureaucrats running it.

"I would like to see the idea of a partnership with government [because] a takeover would not be a good outcome because we have twenty people who are literally geeks who do this stuff really well," he said.

"If you replace those twenty people with twenty policy bureaucrats I don't think you're going to have an outcome [where] you're going to be increasing our capacity to do the job. But again, I think that's probably the taxpayer who needs to make that judgement in terms of investment well met."

What do you think? Should the Government run Australia's CERT or should it be run by private organisations?


Federal Government unveils a new CERT
 
 
 
Top Stories
Photos: iTnews Benchmark Awards countdown begins
Just a few days left until entries close for 2014.
 
Australian Govt to rethink cyber security strategy
Six-year old policy to be refreshed.
 
The failure of the antivirus industry
[Blog post] Insights from AVAR 2014.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Who do you trust most to protect your private data?







   |   View results
Your bank
  38%
 
Your insurance company
  3%
 
A technology company (Google, Facebook et al)
  8%
 
Your telco, ISP or utility
  8%
 
A retailer (Coles, Woolworths et al)
  2%
 
A Federal Government agency (ATO, Centrelink etc)
  20%
 
An Australian law enforcement agency (AFP, ASIO et al)
  15%
 
A State Government agency (Health dept, etc)
  5%
TOTAL VOTES: 1075

Vote