Australia Lagging in Cyber War

Uploaded on 2015-10-30 in NEWS-Cybersecurity News, GOVERNMENT-National, GOVERNMENT-Defence, FREE TO VIEW

greg-austin-eastwest-institute-international-policy-environment-for-cyber-security-changes-underpinning-the-move-from-prevention-to-resilience-24-638.jpg?cb=1435623380

Australia urgently needs to have an open and public debate on its military, security, and civil needs in cyberspace.

As Australia prepares to release its next White Paper on defense policy, expert eyes are waiting to see whether it will match the declaration by Malcolm Turnbull, the country’s new prime minister, that his government is one fit for the 21st century. 
The need for 21st century innovation in the defense portfolio is urgent, as a number of submissions to the 2015 White Paper through this year argued, not least those from specialists with direct experience in Australia’s intelligence and security services or its armed forces. One of these submissions, by the author, was revised and published under the title “Australia’s Digital Skills for War and Peace” in an Australian peer-reviewed journal in December 2014.

As part of its case, the article developed arguments and data provided by others, including the Australian Computer Society (ACS), that our universities were doing badly in educating Australians for the cyber age. Between 1999 and 2013, statistics of the Australian Department of Education show that our annual corpus of new domestic student graduates in information technology (IT) fell by 46 percent, though there was an upturn in 2012 and 2013. (This reference to IT graduates does not include electrical engineers, which saw an increase.)

According to the ACS, we were able to compensate for the sharp decline in IT graduates in part by temporary ICT migrants to Australia, which in 2009-10 numbered 8,530 – double the number of our own IT graduates for that year (ACS 2011: 27-28). (Data for later years does not allow a similarly granular comparison.)

In terms of student satisfaction with our IT tertiary offerings, Education Department data for 2005 to 2012, the latest available as of December 2014, showed that the completion rate for students enrolled in information technology over the period was only 61 percent, significantly lower than for any other of the ten general categories of study.
The article argued that any country “cannot hope to have cyber talents for war if it does not develop them in peacetime and if it does not have a strategy for transitioning these skills from the civil economy to military uses when emergencies dictate.” It also highlighted what it called a “virtuous circle of innovation” ─ the fact that “enhanced development of military cyber skills and strategies has flow-on effects to civil economy.”

The picture of weakness in our university-based IT education is matched in university-based research. While there are pockets of expertise and excellence in research, a review of research performance show high performance only in selected aspects of IT.

The results of the 2012 Excellence in Research analysis for the discipline of Information and Computing Sciences by the Australian Research Council reported out of 41 eligible universities, only two — the Australian National University (ANU) and the University of Melbourne) — were graded at 5 (on a sliding scale of 1-5) in the overall field. This is given a two-digit code (08) for the field of research (FOR). Only three other universities — Adelaide, the University of New South Wales (UNSW), and Queensland — received a ranking of 5 in any single four-digit sub-codes.

More concerning is the fact no single university received more than one 5 in any of the eight possible sub-codes. Even more worrying is the fact that out of a hypothetically possible 328 sub-code assessments (41 universities x 8 sub-codes), over 230 (or 70 percent) were “not assessed.” It seems that Australia is not even researching the bulk of the field of information technology!

In the same 2012 report, the situation Australia-wide in the Mathematic Sciences, another core discipline for cyber security, was even worse, though ANU, UNSW, and the University of Queensland scored comparatively well, and Monash and the University of Western Australia figured more prominently than in Information and Computing Sciences.
There is a direct link between the weak research position of the bulk of our universities and the collapse of undergraduate education in information technology (IT) in Australia.

Australia also has a weak information technology (IT) industry base, notwithstanding clear internationally competitive achievements, such as contributions to some key aspects of WiFi technology. We need to attract more venture capitalists, regardless of nationality, and get their money into university-based and industry-based R&D for IT.
Weaknesses in Australia’s cybersecurity situation in the civil sector (vulnerabilities everywhere) are not unique to Australia, but our inability to provide the skills base we need to overcome them, and a lack of industrial options to address them, must translate into great military dangers for the country.

There is recognition in the government and the university sector of the need for urgent reform. This has been evident through a government consultation on cyber security led by the Department of Prime Minister and Cabinet, the results of which are expected soon. The private sector is mobilizing in this sub-field as well and bringing new funds to the university sector. In the past two years, new centers for cybersecurity have been set up in several Australian universities.
So far, the leading university in the field of cybersecurity broadly defined (including cyber war) is probably the University of New South Wales, which set up its cybersecurity center in 2014. Among similar centers in Australian universities, it has the broadest remit and largest cohort of associated scholars (some 53). It should be noted that UNSW showed scores (all 3 or above) in more of the eight sub-fields (the sub-codes) of IT mentioned above than any other university.

One important feature of the Australian Center for Cyber Security (ACCS) at UNSW Canberra is its location at the Australian Defense Force Academy, the main officer cadet tertiary education facility in the country.

ACCS was tasked by UNSW Canberra with setting up in 2015 the first course in cybersecurity compulsory for all undergraduates in any Australian university. In 2016, ACCS and its partner schools (Humanities and Social Sciences and Engineering and IT) will deliver the first course in any Australian university in cyber war and diplomacy. The course has few peers in universities in the English speaking world.

In November 2015, ACCS will partner with the country’s Defense Science and Technology Group in the Department of Defense in a one-day conference that will take a critical, if informal or unofficial look, at the country’s R&D priorities for national cybersecurity.

There are many departure points for this conference. On the one hand, there are developing capabilities in countries like the United States, China, Russia, and Japan. Australia therefore needs its own sovereign capabilities. On the other hand, there is the important consideration that cybersecurity is bigger than each of us, either at the national level of the international level.

Just where a country like Australia needs to position itself in this highly dynamic and complex environment (the “infosphere”) is something that only the collective wisdom of the country’s best minds can answer, working in partnership. We need first of all an open and public debate on our military, security, and civil needs in cyberspace and how well our emerging capabilities match those needs. We would have to admit, as so many specialists have argued, that we are badly lagging.
The Diplomat:  http://bit.ly/1RDIWJa

 

 

« EU Rules Bitcoin Exchange Is Now Tax-Free
Can Russian Submarines Cut Off the Internet? »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Zentek Digital Investigations

Zentek Digital Investigations

Zentek has been providing digital forensics services to the public and private sector for computers and mobile devices since 2004.

Rollbar

Rollbar

Rollbar is a full-stack error monitoring platform for web and mobile applications. We help developers find and fix bugs fast. Built by developers for developers.

Cisco Talos

Cisco Talos

Talos is an industry-leading threat intelligence solution that protects your organization’s people, data and infrastructure from active adversaries.

Silent Breach

Silent Breach

Silent Breach specializes in network security and digital asset protection. Services include Pentesting, Security Assessments, Incident Detection & Response, Governance Risk & Compliance.

AGAT Software

AGAT Software

AGAT Software is an innovative security provider specializing in external access authentication and data protection solutions.

Cipher Tooth

Cipher Tooth

CipherTooth is a superior system for delivering secure content over the Internet.

Digital Guardian

Digital Guardian

Digital Guardian is a next generation data protection platform designed to stop data theft.

HYPR

HYPR

HYPR Decentralized Authentication minimizes the risk of enterprise data breaches while providing an enhanced user experience for your customers and employees.

PatrOwl

PatrOwl

Automate your SecOps with PatrOwl, and start defending your assets efficiently.

Private Machines

Private Machines

Private Machines develops unique patent-pending technology protects cloud and data center workloads.

Network Intelligence

Network Intelligence

Network Intelligence are a global cybersecurity provider offering services across 6 broad spectrums - Assessment, BCMS, GRC, Professional Services, MSSP & Training.

Cythereal

Cythereal

Cythereal is the leader in predicting and preventing advanced malware attacks. Security Automation for the Overwhelmed Administrator.

HackersEra

HackersEra

HackersEra is a leading offensive cybersecurity service provider. We enable our clients to operate in a more secure environment efficiently and produce more value.

ISSQUARED

ISSQUARED

ISSQUARED is a leading provider of Cyber Security, Cloud, Infrastructure, Consulting and Digital Transformation services.

Pangu Laboratory

Pangu Laboratory

Beijing Qi an Pangu Laboratory Technology Co., Ltd. was established on the basis of Pangu laboratory, a well-known cyber security team.

ReachOut Technology

ReachOut Technology

ReachOut is a transformative approach to IT Security, Support, and Guidance. But we’re more than that. We’re passionate IT experts driven to make solutions to your problems.