Australian Spy Data Helps Business Cyber Threats

Small and medium-sized businesses in Australia will be the big winners under the government's plans to share cyber-security data collected by the nation's intelligence agencies.

Under the plan announced in May, declassified data from the Australian Signals Directorate (ASD) will be shared with telcos and Internet service providers (ISPs) so they can develop more advanced products to combat growing cyber security threats.

Telstra director of security Neil Campbell said the data will make it easier for cyber security providers to create better targeted, more cost-effective products for small and medium sized businesses, which often don't consider cyber safeguards.

"This is where I think we have the opportunity to really make a difference," Mr Campbell said. "We have the opportunity to deliver at such a scale we can make it cost-effective for our customers."

The data provided by the government includes what are known as indicators of compromise (IOCs), which are generated during different stages of a cyber-attack and can represent or indicate that a compromise has been attempted or successful.

ISPs will be able to merge IOCs collected by the government with their own to create massive datasets which can be used to analyse, identify and develop active solutions to combat emerging or previously unknown cyber threats.

Big Data Benefits

"The more data you have, the more context you have, the more opportunity you have to find aberrant behaviour on the network or malicious behaviour on the network," Mr Campbell said.

"Putting systems in place to identify those and then taking what you learn in one part of the Internet and then applying it to people who would be vulnerable to that attack in another part of the Internet, that's where you go from passive to active.

"You get to the point where you start to create herd immunity because if one of your customers or half-a-dozen of your customers gets affected, you learn about it quite rapidly and you're able to inoculate the others against the threat."

In an interview shortly after the May announcement, Minister Assisting the Prime Minister for Cyber Security, Dan Tehan, said he hoped the data sharing would result in better products for Australian small businesses.

"What we're calling on the private sector to do is look at what products do they have or can they develop which will help protect those organisations which don't have the human resources or the financial resources to dedicate to keeping themselves cyber secure," Mr Tehan said.

Risk Versus Reward

Mr Campbell said cyber security often doesn't occur to small businesses because they're so focused on getting on with the job. But in some instances, businesses have been forced to close their doors because of cyber-attacks.

"I think they don't have the means, they don't necessarily have the motivation. Because given the choice between reinvesting your revenue in staying alive or growing versus covering off on risk, you know where the money's going to go."

"It's our job to give them the products and services that allow them to manage that risk cost effectively without having to become an enterprise or cyber security expert."

Between July 2015 and June 2016, the Computer Emergency Response Team (CERT) responded to 14,804 cyber security incidents affecting Australian businesses, 418 of which involved systems of national interest and critical infrastructure. "Cyber-crime is pretty much widespread," Mr Campbell said.

The government has committed $630 million to combat cyber-crime which is conservatively estimated to cost the Australian economy $1 billion each year.

AFR: 

You Might Also Read: 

Australia Implements Mandatory Data Breach Reporting:

Australia’s Sharp Turn To Information Warfare: