ASPI report calls for Internet shop front to deal with cyber crime

Security guru Alastair MacGibbon argues government policies do not keep up with the pace of technology

Australia needs a central ‘Internet shop front’ where the public can report cyber security matters, according to a report by the Australian Strategic Policy Institute (ASPI).

The report, Cyber security: threats and responses in the information age, said that although it’s a “critical” issue, cyber security is not yet fully understood by the public.

Author, founder of the Australian High Tech Crime Centre (AHTCC) and former security head at eBay, Alastair MacGibbon, said the Rudd Government needs to broaden the scale in which it addresses cyber security and better address end users in its policies.

The report has recommended the establishment of an internet crime reporting and analysis centre, drawing attention to the current difficulty for consumers to report cyber crime incidents to authorities.

MacGibbon said the centres are needed to implement a national approach to cyber crime, and to enable the government to better determine bureaucratically and jurisdictionally which agencies can best deal with certain enquiries and then determine a response.

“The key to understanding cyber crime is data,” he said, adding that Australia currently lacks the capacity to share data across several jurisdictions.

The report also highlighted the government’s failure to address security vulnerabilities in ICT infrastructure, saying there is a “keen interest” in data held by Australian companies and that the imminent threat of economic espionage could cost companies billions of dollars in revenue.

“We need to move away from the current light-touch approach of telecommunications where industry self-regulation was the dominant force to one’s where the government sets the standards required by telecommunications provide,” MacGibbon said.

Another issue addressed was the “widening gap” between the cyber security problems and Australia’s capacity to deal with it. “The money the government is investing [into cyber security] I think is reasonably well spent, and it’s always heartening to see the services growing, but they are not growing at the pace that the public uses technology,” MacGibbon said.

“The services that we expect from government in the offline world, should be reflected in the online world, but they’re not.”

Other recommendations include the development of policies that enhance the end-point security of users connecting to the NBN and a cyber warfare doctrine for the military.

The report comes after several developments in the Government cyber security space in recent weeks.

At the end of November the House of Representatives Inquiry into Cyber Crime – which had decided to [[artnid:327513|question the agencies at the forefront of the Government's cyber security efforts - heard the Federal Attorney-General’s department is working on developing greater co-ordination between the international community, business, internet service providers and government agencies to better manage cyber crime.

Speaking at the Inquiry, Mike Rothery, first assistant secretary of the National Security Resilience Policy Division with the Attorney-General’s Department, said the department was working on a an international engagement strategy with several cyber security forums including the International Telecommunication Union, the UN, the OECD, and APEC.

The same week the Federal Government announced a new research project to track the awareness of kids’ cyber-safety and security issues.

The project, which will be undertaken by the Wollongong University’s Illawarra Regional Information Service (IRIS) and the Australian Council for Educational Research, will build on the Review of Existing Australian and International Cyber-safety Research from Edith Cowan University.

A new cyber security strategy was also announced with the creation of an emergency response team previously announced in May, called CERT Australia.

Finally, Computerworld revealed Australia's Cyber Security Operations Centre (CSOC), announced earlier this year as part of the first Defence White Paper in a decade, has already reached some operational capability.

An acute lack of information on the offensive capabilities being developed by the CSOC, however, and little clarity around its governance or oversight mechanisms, has sparked calls from academics and information security analysts for greater public debate and disclosure.

The full report and its recommendations can be downloaded at the ASPI website.

Sign up for Computerworld's newsletters to stay up to date.

Got more on this story?Email Computerworld or follow @computerworldau on Twitter and let us know.

More about: APEC, Attorney-General, CERT, Cowan, eBay, Edith Cowan University, Edith Cowan University, International Telecommunication Union, IRIS, OECD, PEC, Resilience
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the Computerworld comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: Australian Strategic Policy Institute (ASPI), cyber crime, security
Whitepapers
All whitepapers
Sign up now to get free exclusive access to reports, research and invitation only events.
Featured Download
/downloads/product/150/handbrake/

HandBrake

HandBrake is an opensource tool that allows you to backup your DVDs so that you can store and watch them on your computer. Features include: ...

Computerworld newsletter

Join the most dedicated community for IT managers, leaders and professionals in Australia