Australia

Cybercrime Capacity Building Conference27-28 April 2010

Brunei Darussalam

Ms Marcella HawkesDirector, Cyber Security Policy

Australian GovernmentAttorney-General’s Department

marcella.hawkes@ag.gov.au

Overview• The evolving cyber environment• What is the threat?• The Australian Government Cyber Security

Strategy• Australia’s operational response arrangements• International cooperation

What is the threat?• Australia assesses a high degree of risk to its

economy from cyber threats.• Growing range of risks – crossing over from the ‘real

world’ to the online.• Cyber security is a national security priority

– increasingly sophisticated and hostile threat environment– our reliance on ICT creates vulnerabilities

Cyber Security Strategy• Released by the Attorney-General 23 November 2009• Integrated, whole of government approach

– aims, objectives, priorities and agency roles in achieving them

• Build public awareness of risks and confidence in Australia’s response– shared responsibilities and expectations

• Aim: The maintenance of a secure, resilient and trusted electronic operating environment that supports Australia's national security and maximises the benefits of the digital economy

Guiding Principles• National leadership• Shared responsibilities• Partnerships• Active international engagement• Risk management• Protecting Australian values

Objectives• All Australians are aware of cyber risks, secure

their computers and take steps to protect their identities, privacy and finances online

• Australian businesses operate secure and resilient ICT to protect the integrity of their own operations and the identity and privacy of their customers

• The Australian Government ensures its ICT is secure and resilient

Strategic Priorities• Threat awareness and response• Cultural change• Business-government partnerships• Government systems• International engagement• Legal and law enforcement• Knowledge, skills and innovation

CERT Australia• Source of cyber security information for all

Australians– single branding

• Building a network of trusted contacts– facilitate information sharing between ISPs, anti-virus researchers,

IT security vendors and major corporations – Information exchanges

CERT Australia• Coordinate Australia’s response to serious cyber events

between Government and the private sector– in addition to AGD’s broader coordination role (includes media)– complements the role of Defence’s Cyber Security Operations

Centre

• Point of contact for Australia’s international cyber security counterparts

• Complements the Cyber Security Operations Centre (CSOC) within the Department of Defence

International cooperation• Internet is global and borderless.• No country can secure its vital interests in

cyber space on their own.• Seek strengthened partnerships:

– enhance links between national CERTs– develop appropriate international frameworks– learn from other countries, and assist if feasible.

Questions / Comments?

Links• Cyber Security Strategy: www.ag.gov.au/cybersecurity

• CERT Australia: www.cert.gov.auinfo@cert.gov.au