The Australian Cyber Security Centre offers “a single location for government and business to collaborate on operational cyber security matters” and “represents a fundamental shift in the way that government wants to partner with business on cyber security,” Attorney-General George Brandis has said in remarks prepared for the ACSC’s Canberra conference today.
The ACSC began operations in November. It draws together cyber security capabilities across a number of agencies and departments, including Brandis’ department, Defence (including the Australian Signals Directorate and the Defence Intelligence Organisation), ASIO, the Australian Federal Police, the Australian Crime Commission, and CERT Australia.
“Combining the capabilities of ACSC agencies allows us to access a formidable stream of information and analysis of current cyber threats,” Brandis said.
“The staff in the ACSC are some of the country’s most dedicated and highly skilled security professionals. They are working together to protect government and industry systems, prevent cyber espionage and apprehend cyber criminals.
The government is currently conducting a Cyber Security Review. The review was announced in December and is due to report to government mid-year; the panel conducting the review is due to meet next week.
In submissions to the review, industry organisations Communications Alliance and the Australian Information Industry Association have argued for a more co-ordinated, whole-of-government approach to security.
"A better co-ordination of the current spread of agencies and programs and the creation of a single national point of access to government’s cyber security agencies is likely to increase efficiencies and to deliver a clearer message to all stakeholders," argued the Communications Alliance submission.
“The centre is … developing products that provide a single government voice on cyber security issues which will directly benefit industries that are critical to national security,” Brandis said.
“Each of the agencies in the ACSC has unique capabilities and mandates. Some of those mandates are enshrined in legislation,” the attorney-general said.
“The co-location model protects these individual mandates and retains the reporting lines and oversight authorities that are specific to each agency.
“Within this environment, we are exploring how our enhanced situational awareness can support each of the distinct agency missions. By co-locating these agencies in the ACSC we maximise the opportunities to leverage the skills, information streams and resources of each agency to improve the way we approach cyber security overall.
“The ACSC is making the Australian government and Australian businesses a harder target for malicious cyber actors. That, of course, is its core mission and it provides new opportunities for government to partner with business on cyber security matters. It is making it easier for industry and government to engage with each other.”
Industry representatives will “be invited into the heart of the Australian government’s cyber security operations,” Brandis said.
“The aim will be to will provide access to near real-time information streams and the ability to work alongside one another.
“We will have a team of cyber security professionals from industry and government engineering solutions to particularly complex technical issues impacting upon a range of sectors.
“There will be immediate pay-offs from this environment, including enhanced relationships and technical solutions that are readily applicable to a wider range of applications.”