Australian Spy Data Helps Business Cyber Threats

Uploaded on 2017-08-15 in INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

Small and medium-sized businesses in Australia will be the big winners under the government's plans to share cyber-security data collected by the nation's intelligence agencies.

Under the plan announced in May, declassified data from the Australian Signals Directorate (ASD) will be shared with telcos and Internet service providers (ISPs) so they can develop more advanced products to combat growing cyber security threats.

Telstra director of security Neil Campbell said the data will make it easier for cyber security providers to create better targeted, more cost-effective products for small and medium sized businesses, which often don't consider cyber safeguards.

"This is where I think we have the opportunity to really make a difference," Mr Campbell said. "We have the opportunity to deliver at such a scale we can make it cost-effective for our customers."

The data provided by the government includes what are known as indicators of compromise (IOCs), which are generated during different stages of a cyber-attack and can represent or indicate that a compromise has been attempted or successful.

ISPs will be able to merge IOCs collected by the government with their own to create massive datasets which can be used to analyse, identify and develop active solutions to combat emerging or previously unknown cyber threats.

Big Data Benefits

"The more data you have, the more context you have, the more opportunity you have to find aberrant behaviour on the network or malicious behaviour on the network," Mr Campbell said.

"Putting systems in place to identify those and then taking what you learn in one part of the Internet and then applying it to people who would be vulnerable to that attack in another part of the Internet, that's where you go from passive to active.

"You get to the point where you start to create herd immunity because if one of your customers or half-a-dozen of your customers gets affected, you learn about it quite rapidly and you're able to inoculate the others against the threat."

In an interview shortly after the May announcement, Minister Assisting the Prime Minister for Cyber Security, Dan Tehan, said he hoped the data sharing would result in better products for Australian small businesses.

"What we're calling on the private sector to do is look at what products do they have or can they develop which will help protect those organisations which don't have the human resources or the financial resources to dedicate to keeping themselves cyber secure," Mr Tehan said.

Risk Versus Reward

Mr Campbell said cyber security often doesn't occur to small businesses because they're so focused on getting on with the job. But in some instances, businesses have been forced to close their doors because of cyber-attacks.

"I think they don't have the means, they don't necessarily have the motivation. Because given the choice between reinvesting your revenue in staying alive or growing versus covering off on risk, you know where the money's going to go."

"It's our job to give them the products and services that allow them to manage that risk cost effectively without having to become an enterprise or cyber security expert."

Between July 2015 and June 2016, the Computer Emergency Response Team (CERT) responded to 14,804 cyber security incidents affecting Australian businesses, 418 of which involved systems of national interest and critical infrastructure. "Cyber-crime is pretty much widespread," Mr Campbell said.

The government has committed $630 million to combat cyber-crime which is conservatively estimated to cost the Australian economy $1 billion each year.

AFR

You Might Also Read: 

Australia Implements Mandatory Data Breach Reporting:

Australia’s Sharp Turn To Information Warfare:

 

« Insiders Are The Cause Of Most Healthcare Breaches
Singapore’s Mounting Cyber Threats »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Infosecurity Europe, 3-5 June 2025, ExCel London

Infosecurity Europe, 3-5 June 2025, ExCel London

This year, Infosecurity Europe marks 30 years of bringing the global cybersecurity community together to further our joint mission of Building a Safer Cyber World.

QATestLab

QATestLab

QATestLab is a leading International software testing company offering a full range of software testing services including security testing.

Digital Detective

Digital Detective

Digital Detective offer a range of products and services for digital forensic analysis and advanced data recovery.

Cyber Future Foundation (CFF)

Cyber Future Foundation (CFF)

CFF was established to create a cyberspace where digital commerce and innovation can thrive based on trust and respect to individual privacy.

Logz.io

Logz.io

Logz.io is an AI-powered log analysis platform that offers the open source ELK Stack as a enterprise-grade cloud service with machine learning technology.

QI ANXIN Technology Group

QI ANXIN Technology Group

QI ANXIN specializes in serving the cybersecurity market by offering next generation enterprise-class cybersecurity products and services to government and businesses.

Right-Hand Cybersecurity

Right-Hand Cybersecurity

Right-Hand Cybersecurity empowers businesses to monitor, measure and mitigate employee induced cyber risks in real-time.

GLESEC

GLESEC

GLESEC offer a complete range of Cyber Security services from Operations & Intelligence Services to Auditing & Compliance and Simulation and Training.

Global Cyber Risk (GCR)

Global Cyber Risk (GCR)

Global Cyber Risk is a technology and advisory services firm that provides first tier cybersecurity services to both large corporations and small and mid-sized businesses.

Yoti

Yoti

Yoti offer a suite of business solutions that span identity verification, age estimation, e-signing and AI anti-spoofing technologies.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

Avetta

Avetta

Avetta One is the industry’s largest Supply Chain Risk Management (SCRM) platform. It enables clients to manage supply chain risks and suppliers to prove the value of their business.

LegalByte

LegalByte

LegalByte is a leading provider of comprehensive legal and forensic services dedicated to addressing the complex challenges of the digital age.

SIEM Xpert

SIEM Xpert

SIEM Xpert is a leader in Cyber Security Trainings and services since 2015.

Cloudaeris

Cloudaeris

Cloudaeris is a trusted Microsoft Partner, and we've got what it takes to make your business more efficient and agile.

Yondu

Yondu

Yondu empowers businesses across various industries through a wide array of innovative technology solutions to help them scale in the new digital economy.

Whiteswan Identity Security

Whiteswan Identity Security

At Whiteswan, we are committed to protecting the digital landscapes of modern enterprises with adaptive, identity-first security solutions that ensure trust, compliance, and resilience.