Making sense of Australia’s ‘bewildering’ cyber landscape

Microsoft, Ai Group see need for cyber minister

labyrinth maze easy access bypass breach  by altayb getty
altayb / Getty Images

There is an infamous chart produced by law firm Baker McKenzie that provides a guide to the web of Commonwealth organisations and programs related to cyber security.

It is overwhelming in its complexity, and doesn’t even touch on state and territory agencies. Telco industry group Communications Alliance has included a version — since outdated — of the chart in its call for the government to address the “almost bewildering matrix” of federal government entities “with an interest in, or portfolio responsibilities, relating to cyber security”.

The group said in a document prepared in response to Canberra’s call for input into its 2020 national cyber security strategy that while it wasn’t advocating for a “single roof” for all government “cyber-related functions” there would be benefits to a streamlining of organisations, functions and processes.

“It appears that a better coordination of the current spread of agencies and programs and more focussed spending on a single national point of access would be likely to result in a more effective approach to cyber security,” the group argued.

“It would also serve to address what must be an enormous and, at times, inefficient coordination burden on the involved departments and agencies.”

It acknowledged there had been some movement in that direction, citing the example of the Australian Signals Directorate’s transformation into an independent statutory agency and the colocation of the federal government’s cyber security functions in the agency’s Australian Cyber Security Centre.

However, the document states Comms Alliance was concerned that the government’s discussion paper, issued at the start of the consultation process, claimed that streamlining of Commonwealth governance and structures relating to cyber security had already been completed.

One measure advocated by the group was for a “unified directory” or “single point of truth” for information about cyber security threats and responses.

An Australian Industry Group contribution to the consultation echoed some of the criticisms made by the telco group: “With multiple entry points on cyber security matters, this can create inconsistent experiences for industry and the community in engaging with different parts of Government,” Ai Group argued.

“Consideration needs to be given to the formation of a central and independent coordinating body to provide common approaches across the sectors and levels of Government.”

The group called for the reestablishment of a minister dedicated to cyber security. In the wake of the 2016 launch of the Canberra’s original national security strategy, the government announced the appointment of the nation’s first infosec-focused minister: Victorian Liberal MP Dan Tehan was appointed minister assisting the prime minister for cyber security.

In late 2017, Angus Taylor was handed responsibility for the cyber security portfolio. An August 2018 ministerial shuffle put an end to the position, however.

Ai Group said that in its view such a role is “critical” and “this type of Minister should be reinstated that can take a holistic view, have full responsibility for managing cyber security policy and can operate across relevant departments”.

The idea also found some support from Microsoft, with the tech giant saying that the government should consider “a single Coordinating Minister and/or a Coordinating Executive with oversight across all cyber functions within the existing Machinery of Government arrangements”.

PwC also backs a dedicated minister or minister assisting the prime minister on cyber security. Such a minister should deliver annual reports to parliament addressing Australia’s progress on improving its cyber resilience, PwC said.

The full submissions have been published by the Department of Home Affairs.


Copyright © 2019 IDG Communications, Inc.

7 inconvenient truths about the hybrid work trend
Shop Tech Products at Amazon