Australia’s cyber tsar MacGibbon resigns

Australia’s national cyber security advisor Alastair MacGibbon has handed in his resignation to return to the private sector.

MacGibbon - who is also head of the Australia Cyber Security Centre - will leave the high-profile role on May 28.

He has headed up the centre since January 2018, when former Prime Minister Malcolm Turnbull moved ACSC within the Australian Signals Directorate.

Before that, he spent just over a year-and-a-half as Turnbull’s top cyber security advisor, a position that was created through the 2016 cyber security strategy.

ASD chief Mike Burgess said MacGibbon has been “a fierce advocate for the importance of cyber security for the community, businesses and governments”.

“He is indeed the face of cyber security in Australia and, through his leadership, helped raise the nation’s cyber security standards,” he said.

Burgess highlighted his role in containing the recent breach of the parliamentary computing network, in which data was stolen by a state-sponsored actor. 

“Thank you, Alastair, and on behalf of your ASD colleagues, I wish you all the very best in the next stage of your career. I’m sure we will be seeing lots of you in the future,” he said.

“One of the biggest challenges for Australia in cyber security sits with the private sector and in particular those who own and operate critical infrastructure. 

“Indeed most of the cyber security heavy lifting is done by the private sector.”

MacGibbon’s role will be filled by ASD’s principal deputy director-general Lieutenant General John Frewen while a permanent replacement is found, Burgess said.

Human heat sink

During his most recent stint as Australia's cyber chief MacGibbon was frequently propelled into the media spotlight as the government's primary spokesman and go-to person to manage major cyber and technology incidents including the 2016 'CensusFail' where he stood cheek by jowl with then Prime Minister Malcolm Turnbull.

In a significant departure from the government's previous approach of limiting criticism of its technology suppliers, MacGibbon made a trademark of pushing tech companies to to do much better to improve their cyber performance, including calling out deficiencies where he believed they had occurred.

In 2017 MacGibbon ruffled many government agencies' feathers when he used AWS' public sector event to call out a a long-running dependence on large legacy tech platforms and outsourcing as a key cyber risk, warning multiple layers of band-aid fixes for old systems could no longer cut it.

“We have to invest in migrating legacy apps,” MacGibbon said at the time, cautioning that “we play a Jenga game where we are adding layer upon layer, legacy app upon legacy app.”

Second public tour of duty complete

Part diplomat and part operational cyber point man, MacGibbon's resignation completes his second stint heading the government's cyber response efforts.

MacGibbon first rose to prominence in cyber circles as the head of the Australian High Tech Crime Centre, the first dedicated national and cross agency tech investigations and outreach unit run out of the Australian Federal Police and established in 2003.

Prior to that MacGibbon had been the AFP's liason man in Washington DC, a role regarded as a proving ground for potential commissioners and security agency heads.

With police and security agencies becoming increasingly frustrated by the lack of investigatory cooperation from both the online commerce sector and banks which were rapidly bowling-up online account services, MacGibbon cunningly reverse engineered the access problem to the government's advantage.

Rather than the government trying to send police into banks to ferret out cyber crime, MacGibbon invited the banks into the AHTCC to supply IT security staff to help spot and manage frauds and scams as they developed.

The beauty of the approach, one senior banker observed, was that the AFP got banks to not only feed it intelligence, but pay for the privilege as well.

Having established the AHTCC, MacGibbon surprised many when he quit the post after just 18 months to become the head trust and safety for online flea market eBay which at trhe time had been reputationally battered by multiple collisions with regulators.  

From eBay MacGibbon then moved to Dimension Data helping that firm develop its security practice in what was soon to become a booming market.

Security politics goes bare knuckle

MacGibbon's resignation also appears to have come at an opportune political juncture after former Prime Minister Paul Keating used the sidelines of the Australian Labor Party's official campaign launch in Brisbane to broadside security agencies on Sunday.

"The nutters are in charge," Keating told the Australian Broadcasting Corporation in reference some chief of of the Australian Intelligence community, a statement followed by his nurging of Labor leader Bill Shorten to "clean them out" should Labor secure government.

The comments were largely leveled at the manner of the agencies response to China's growth and assertiveness and indicate the potential for a diplomatic reset as government's grapple with intelligence community hostility to allowing Chinese telco giant Huawei  to participate in the building of 5G networks within Five Eyes and NATO aligned governments.

Government ministers have attacked Keating's comments.