Could infosec give Australia a competitive advantage?

The first nuggets of information coming out of the federal government's cyber security review indicate a new, refreshing approach to national information security could be on the cards.

At the end of last month, the independent panel of experts tasked with the review convened a meeting in Canberra to discuss the ideas gathered from industry so far. 

The consensus seems to be that “Australia has an opportunity to marry national security and economic objectives through cyber security.”

The update goes on to say that “cyber security could help Australia realise its future potential by giving us a competitive advantage.“

This is really refreshing. The sentiment is one that has been batted around in industry for the last few years, with information security being seen as an innovation and economic enabler rather than a cost overhead and a blocker.

So far, the review team has consulted with more than 165 organisations of all shapes and sizes, consistently finding that cyber security issues are significantly impacting the Australian economy, affecting government, private industry and individuals.

Cyber attacks are reported as commonplace, everyday events, and the number of attacks is continually increasing, as well as becoming more sophisticated, and as a result becoming more costly to investigate and rectify.  

The main takeaways from the update focus on how government and the private sector can collaborate to build a more secure Australia, including to:

• Share actionable and timely information to better protect Australian networks and systems against cyber attacks;
• Build cyber security skills and awareness across the Australian community;
• Develop support for small and medium businesses on cyber security best practice; and
• Ensure government is organised to provide leadership to secure the economy and protect critical services.

According to the update - which is all the detail we have at the moment - the expert panel discussed "some of the practical ways Australia can have a cyber resilient economy that is positioned to take advantage of the digital age.”

Despite the lack of detail, it's refreshing to see that the review is being taken seriously and consulting a wide and varied sample of businesses across the whole of the nation.

Interestingly, each of the industry responses has called for more clarity in the area of responsibility for cyber security.

The Communications Alliance submission (pdf) illustrates how convoluted the current set-up is - there are around 40 different stakeholders.

The cyber review team is due to hand down its report midway through this year.

Let’s hope that the outcomes of this policy review make a real difference to the whole of our nation and not just to the federal government and local market in Canberra.

Without the investment strategy and capital to back up any proposed changes, the renewed policy may be relegated to shelf-ware and we’ll continue to stagnate as the rest of the world moves forward.

Hopefully the Government will put its money where its mouth is.