The Federal Government has come under attack after it emerged that the new Australian Cyber Security Centre lacks leadership, accountability, systems and any new funding for its setup.
The centre, announced in January and meant to be live by the end of the year, is designed to be a cyber security coordination hub, staffed by top defence, security and legal agency personnel.
Few details on the operational nature of the centre were made availabile at launch; however, questions from Labor and Liberal Senators at Estimates hearings yesterday cast fresh doubts over the Government's plan.
When plans for the centre were unveiled, Prime Minister Julia Gillard said the Government had committed $1.46 billion until 2020 to bolster the security of Australia's "most sensitive networks".
In practice, no “new funding” will support the strategy, Prime Minister & Cabinet’s national security adviser, Dr Margot McCarthy told Estimates.
The new centre will build on the cybersecurity operations centre within the Defence Signals Directorate (DSD).
Initially about five percent of the people working in the new centre will come from agencies other than Defence. However, it has emerged that they will remain accountable to the heads of the agencies from which they came.
“How do you make sure that each of these characters is not just looking after their own patch but is instead acting in a whole-of-government way,” Liberal Senator Arthur Sinodinos said,
Labor Senator John Faulkner also queried the lines of accountability.
Senator Eric Abetz added: “Who takes ultimate responsibility? It sounds a bit like a greasy pig that nobody will be able to grab hold of because it can escape in all directions".
McCarthy said the first “iteration” of the new cyber security centre will see an officer from Defence in charge. A committee or "board of secretaries" will also maintain oversight.
In addition to unclear lines of accountability, co-location arrangements for systems designed to support the new centre also remained unclear.
PM&C indicated it is still developing a business case for how the proposed systems would work together.