Australia Lagging in Cyber War

greg-austin-eastwest-institute-international-policy-environment-for-cyber-security-changes-underpinning-the-move-from-prevention-to-resilience-24-638.jpg?cb=1435623380

Australia urgently needs to have an open and public debate on its military, security, and civil needs in cyberspace.

As Australia prepares to release its next White Paper on defense policy, expert eyes are waiting to see whether it will match the declaration by Malcolm Turnbull, the country’s new prime minister, that his government is one fit for the 21st century. 
The need for 21st century innovation in the defense portfolio is urgent, as a number of submissions to the 2015 White Paper through this year argued, not least those from specialists with direct experience in Australia’s intelligence and security services or its armed forces. One of these submissions, by the author, was revised and published under the title “Australia’s Digital Skills for War and Peace” in an Australian peer-reviewed journal in December 2014.

As part of its case, the article developed arguments and data provided by others, including the Australian Computer Society (ACS), that our universities were doing badly in educating Australians for the cyber age. Between 1999 and 2013, statistics of the Australian Department of Education show that our annual corpus of new domestic student graduates in information technology (IT) fell by 46 percent, though there was an upturn in 2012 and 2013. (This reference to IT graduates does not include electrical engineers, which saw an increase.)

According to the ACS, we were able to compensate for the sharp decline in IT graduates in part by temporary ICT migrants to Australia, which in 2009-10 numbered 8,530 – double the number of our own IT graduates for that year (ACS 2011: 27-28). (Data for later years does not allow a similarly granular comparison.)

In terms of student satisfaction with our IT tertiary offerings, Education Department data for 2005 to 2012, the latest available as of December 2014, showed that the completion rate for students enrolled in information technology over the period was only 61 percent, significantly lower than for any other of the ten general categories of study.
The article argued that any country “cannot hope to have cyber talents for war if it does not develop them in peacetime and if it does not have a strategy for transitioning these skills from the civil economy to military uses when emergencies dictate.” It also highlighted what it called a “virtuous circle of innovation” ─ the fact that “enhanced development of military cyber skills and strategies has flow-on effects to civil economy.”

The picture of weakness in our university-based IT education is matched in university-based research. While there are pockets of expertise and excellence in research, a review of research performance show high performance only in selected aspects of IT.

The results of the 2012 Excellence in Research analysis for the discipline of Information and Computing Sciences by the Australian Research Council reported out of 41 eligible universities, only two — the Australian National University (ANU) and the University of Melbourne) — were graded at 5 (on a sliding scale of 1-5) in the overall field. This is given a two-digit code (08) for the field of research (FOR). Only three other universities — Adelaide, the University of New South Wales (UNSW), and Queensland — received a ranking of 5 in any single four-digit sub-codes.

More concerning is the fact no single university received more than one 5 in any of the eight possible sub-codes. Even more worrying is the fact that out of a hypothetically possible 328 sub-code assessments (41 universities x 8 sub-codes), over 230 (or 70 percent) were “not assessed.” It seems that Australia is not even researching the bulk of the field of information technology!

In the same 2012 report, the situation Australia-wide in the Mathematic Sciences, another core discipline for cyber security, was even worse, though ANU, UNSW, and the University of Queensland scored comparatively well, and Monash and the University of Western Australia figured more prominently than in Information and Computing Sciences.
There is a direct link between the weak research position of the bulk of our universities and the collapse of undergraduate education in information technology (IT) in Australia.

Australia also has a weak information technology (IT) industry base, notwithstanding clear internationally competitive achievements, such as contributions to some key aspects of WiFi technology. We need to attract more venture capitalists, regardless of nationality, and get their money into university-based and industry-based R&D for IT.
Weaknesses in Australia’s cybersecurity situation in the civil sector (vulnerabilities everywhere) are not unique to Australia, but our inability to provide the skills base we need to overcome them, and a lack of industrial options to address them, must translate into great military dangers for the country.

There is recognition in the government and the university sector of the need for urgent reform. This has been evident through a government consultation on cyber security led by the Department of Prime Minister and Cabinet, the results of which are expected soon. The private sector is mobilizing in this sub-field as well and bringing new funds to the university sector. In the past two years, new centers for cybersecurity have been set up in several Australian universities.
So far, the leading university in the field of cybersecurity broadly defined (including cyber war) is probably the University of New South Wales, which set up its cybersecurity center in 2014. Among similar centers in Australian universities, it has the broadest remit and largest cohort of associated scholars (some 53). It should be noted that UNSW showed scores (all 3 or above) in more of the eight sub-fields (the sub-codes) of IT mentioned above than any other university.

One important feature of the Australian Center for Cyber Security (ACCS) at UNSW Canberra is its location at the Australian Defense Force Academy, the main officer cadet tertiary education facility in the country.

ACCS was tasked by UNSW Canberra with setting up in 2015 the first course in cybersecurity compulsory for all undergraduates in any Australian university. In 2016, ACCS and its partner schools (Humanities and Social Sciences and Engineering and IT) will deliver the first course in any Australian university in cyber war and diplomacy. The course has few peers in universities in the English speaking world.

In November 2015, ACCS will partner with the country’s Defense Science and Technology Group in the Department of Defense in a one-day conference that will take a critical, if informal or unofficial look, at the country’s R&D priorities for national cybersecurity.

There are many departure points for this conference. On the one hand, there are developing capabilities in countries like the United States, China, Russia, and Japan. Australia therefore needs its own sovereign capabilities. On the other hand, there is the important consideration that cybersecurity is bigger than each of us, either at the national level of the international level.

Just where a country like Australia needs to position itself in this highly dynamic and complex environment (the “infosphere”) is something that only the collective wisdom of the country’s best minds can answer, working in partnership. We need first of all an open and public debate on our military, security, and civil needs in cyberspace and how well our emerging capabilities match those needs. We would have to admit, as so many specialists have argued, that we are badly lagging.
The Diplomat:  http://bit.ly/1RDIWJa

 

 

« EU Rules Bitcoin Exchange Is Now Tax-Free
Can Russian Submarines Cut Off the Internet? »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Tanium

Tanium

Tanium is an endpoint security and systems management company.

American International Group (AIG)

American International Group (AIG)

AIG, is an American multinational insurance corporation. Commercial services include cyber risk insurance.

ObserveIT

ObserveIT

ObserveIT helps companies identify & eliminate insider threats. Visually monitor & quickly investigate with our easy-deploy user activity monitoring solution.

Nullcon

Nullcon

Nullcon provides an integrated platform for exchanging information on the latest attack vectors, zero-day vulnerabilities and unknown threats.

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

Philippine National Police Anti-Cybercrime Group (PNP-ACG)

The mission of the PNP Anti-Cybercrime Group is to implement and enforce pertinent laws on cybercrime and other cyber related crimes and pursue an effective anti-cybercrime campaign.

Samoby

Samoby

Samoby provide a subscription solution for Mobile Threat Protection and usage control on Android and iOS devices.

DeuZert

DeuZert

DeuZert is an accredited German certification body in accordance with ISO/IEC 27001 (Information Security Management).

ENAC

ENAC

ENAC is the national accreditation body for Spain. The directory of members provides details of organisations offering certification services for ISO 27001.

jobsDB.com

jobsDB.com

jobsDB Singapore is a search engine for jobs throughout Singapore.

SkyePoint Decisions

SkyePoint Decisions

SkyePoint Decisions is a leading Cybersecurity Architecture and Engineering, Critical Infrastructure and Operations, and Applications Development and Maintenance IT service provider.

Onevinn

Onevinn

Onevinn's goal is to create a transparent, cost-effective security that is noticed as little as possible by the users. We simply call it "intelligent security."

Broadcom

Broadcom

Broadcom is a global technology leader that designs, develops and supplies a broad range of semiconductor and infrastructure software solutions.

rSolutions

rSolutions

rSolutions delivers managed cybersecurity services to clients in many industry sectors including financial services, telecommunications, energy, government and retail.

Aikido Technology Services

Aikido Technology Services

Aikido Technology Services is a leading-edge technology solutions provider, servicing the Pacific North West USA. We offer affordable IT solutions designed to streamline and secure your business.

CloudScale365

CloudScale365

CloudScale365 offers state-of-the-art managed IT services and cloud, hosting, security, and business continuity solutions.

Spirit Technology Solutions

Spirit Technology Solutions

Spirit Technology Solutions is a modern workplace services provider committed to delivering solutions that embody our core principles of security, sustainability, and scalability.