Cyber czar could create policy delays

Powered by SC Magazine
 
Page 1 of 2 | Single page

Responsibility best left to agencies, thinktank suggests.

The head of the government-sponsored Australian Strategic Policy Institute Andrew Davies has urged against appointing a single 'cyber czar' to combat internet-borne security threats.

Davies told the a summit in Canberra last week that cyber security was best understood as a set of policy issues ranging from nuisance to national security.

He said those issues currently fell under the remit of three sets of Federal and State agencies.

Any attempt to consolidate responsibility would cause delays and introduce inflexible approaches to override otherwise practical approaches, Davies said.

Federal and state law enforcement authorities became involved in cyber crime policing for identity theft and credit card fraud issues.

Issues of lax user behaviour and unwise site searching made cyber security an educational and quasi-regulatory issue, bringing it under the auspices of the Australian Communications and Media Authority (ACMA) and the Department of Broadband, Communications and the Digital Economy (DBCDE).

Because cyber security was also associated with potential incursions by foreign governments, it became an issue for the Department of Defence and for the National Cyber Security Adviser within Prime Minister and Cabinet.

While Davies agreed it was important for the various agencies to communicate regularly with each other to stay alert to new developments in cyber crime, this was an inadequate argument for establishing a national cyber czar.

Davies argued there was a clear mandate for government intervention only on issues of Defence, national security or where it was clear a crime had been committed.

His view was countered by a general consensus at the summit that the Government had been too slow implementing a cyber security strategy, putting it years behind other nations.

No national picture

A perceived lack of official statistics on cyber security was seen by summit attendees as conflating the Government's cyber security woes.

While priding itself on evidence-based policy making, statistics and a systematic national perspective on cyber security provided by the Government and its various agencies remained elusive.

Attorney-General Robert McClelland, who opened the summit, offered little in terms of hard data, reprising a previous announcement by CERT Australia of its identification of 250,000 stolen records and advising organisations to take steps to minimise damage.

Australian Institute of Criminology research analyst Alice Hutchings submitted to the summit a wide range of estimates of the cost of cyber crime varying from $345 million to over $1 billion.

She also cited survey results from 2009 on the number of businesses said to have experienced a cyber "incident".

However, the summit did not turn up a clear and credible benchmark of what was happening, whether it was getting worse and what worked best in reducing cybercrime.

Read on to page two to find out why we shouldn't worry too much about the cyber threat posed by China.

Copyright © iTnews.com.au . All rights reserved.


Cyber czar could create policy delays
 
 
 
Top Stories
How hard do you hack back?
[Blog post] Taking the offensive could have unintended consequences.
 
Five zero-cost ways to improve MySQL performance
How to easily boost MySQL throughput by up to 5x.
 
The big winners from Defence’s back-office IT refresh
Updated: The full list of subcontractors.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  68%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  11%
 
Denial of service attacks
  6%
 
Insider threats
  12%
TOTAL VOTES: 1025

Vote