Voluntary cyber security health checks which create a benchmark of where Australian businesses are today with security are among the initiatives Deloitte is working on with industry and government.
The firm has decided not to make a formal submission to the Cyber Security Review but is involved with a number of the working groups which are handling the review.
The review, announced in November last year, will look at how government and industry can work together to improve the security of online systems.
Deloitte Asia Pacific & Australia cyber practice leader James Nunn-Price outlined the initiatives.
Voluntary cyber security health checks
“These are surveys to create a benchmark of where Australian businesses are today. How mature do they think they are at tackling cyber risk and tracking that over a period of time to see what the trends might be,” he said.
“Cyber risks are a result of dynamic targeted threats. On an industrial scale they are focused at the digital assets, operations and information of the organisation. Both complex and severe, these risks are evolving faster than business can react.”
Voluntary cyber security standards
“There are lots of standards out there for security and cyber — which ones should we be championing for Australian business?” said Nunn-Price.
Capabilities that government has a role to play in
“There needs to be incubation of new ideas and solutions to defend against threats and growing more talent with the capability through education, tertiary, research and innovation hubs.”
Nunn-Price said it is important that the initiatives be co-designed by industry and government.
“If government were just to do it on their own, it might be seen as a compliance regime,” he said.
“We want to make a difference, this is a long term initiative to change not just how we are today but in the future.”
The establishment of a national cyber security strategy that aligns national resources to drive a 'cyber-enabled’ national economy is among Cisco's recommendations to the Australian Cyber Security Review.
Cisco’s other recommendations include a partnership between government, public and private entities to address:
- Increasing cyber security leadership in corporations and institutions
- Multi-sector information sharing including threat research
- Development of state based cyber centres as an extension of the Australian Cyber Security Centre
- Building cyber security skills, education and training
- Incentives for accelerating innovation.
Telco industry body Communications Alliance has previously argued that historic developments have left Australia with a large number of government departments and agencies with overlapping cyber security responsibilities.
Comms Alliance has called for the creation of a single national point of access to government’s cyber security agencies.
The Australian Cyber Security Centre (ACSC) recently released its first public report outlining its assessment of the Australian information security landscape.
The ACSC predicts that cybercrime activity will continue to increase over the next five years as Australia’s relative wealth and high use of technology makes it an attractive target for organised criminal syndicates.
Follow Hamish Barwick on Twitter: @HamishBarwick