Former ASIO head David Irvine has delivered a scathing assessment of Australia’s existing cybersecurity regime, describing it as “weak and uncoordinated”.
In a submission, written on behalf of the Cyber Security Research Centre (CSRC), Irvine called for a parliamentary inquiry to examine the “impact of new and emerging information and communications technology”.
“Australia’s national capacity to counter threats and criminal activity using cyber investigative tools is relatively weak, uncoordinated, and dispersed across a range of agencies in both Commonwealth and state jurisdictions,” said Irvine, who serves as chair of the CSRC.
“Countering cybercrime in Australia will be most effective when investigative support mechanisms are concentrated and coordinated on a national basis, utilising skills and technical capabilities developed in the national security area to strengthen law enforcement activity, and vice versa”.
The Australian Cyber Security Centre (ACSC) recently released its 2017 Threat Report, detailing current challenges faced by the nation’s cybersecurity operations.
“Increasingly sophisticated exploits are being developed and deployed against well-protected networks, particularly government networks”, said ACSC coordinator Clive Lines.
However, the report claims many of the incidents reported to the ACSC would have been preventable had organisations employed standard cybersecurity measures.
“The ACSC continues to observe many adversaries, particularly criminals, compromising networks using publicly known vulnerabilities that have known mitigations,” Lines said.
In a statement, Minister Assisting the Prime Minister for Cyber Security, Angus Taylor, said the Federal Government rates cybersecurity and cybercrime among “the fastest growing threats to corporations, citizens, and governments globally”.
“The Government’s Cyber Security Strategy, and the recent creation of the Home Affairs portfolio, are delivering the most significant reforms to the Australian national security community in over 40 years,” he said.
The Minister argues that these changes “will improve the 24/7 capability of the multi-agency Australian Cyber Security Centre to meet the needs of the community, business, and government”.