Ex GCHQ head joins Australian cyber security centre/review; strategy docs revealed

Australian prime minister Tony Abbott quietly announced last weekend that former GCHQ head Iain Lobban – who also works for Standard Chartered Bank – has been seconded to advise the Australian Government via the Australian Cyber Security Centre. Last week also saw a major cyber security conference in Canberra (details below). We also provide links to over a dozen Australian Signals Directorate (ASD) cyber security strategy documents, including anti-intrusion/hacking technology manuals.

(See also Edward Snowden slides on Australian Signals Directorate’s interception of mobile phone traffic in Indonesia.)

The review panel which Lobban is joining includes: the CEO of the Business Council of Australia, Ms Jennifer Westacott; Chief Security and Trust Officer at Cisco Systems in the United States, Mr John Stewart; the Chief Information Security Officer at Telstra, Mr Mike Burgess; and the Director of the International Cyber Policy Centre at the Australian Strategic Policy Institute, Dr Tobias Feakin. The review is expected to be completed by mid 2015.

Last week’s Cyber Security Conference in Canberra was organised by the Australian Signals Directorate (the equivalent of GCHQ and one of the ‘Five Eyes’ hubs of Echelon) and Dr Margot McCarthy, who heads the Australian Cyber Security Review (and who also works directly to the prime minister). Speakers included representatives from Microsoft, Google (on incident response), Dell, Rayethon Australia, Telstra, the FBI (speaker not named) and CISCO.

The role of the Cyber Security Centre is to coordinate cyber security and intelligence within government and between government and industry partners. The Centre incorporates expertise from from the Australian Signals Directorate, the Australian Federal Police, the Australian Security Intelligence Organisation (ASIO), the Australian Crime Commission, CERT Australia and the former Defence Cyber Security Operations Centre (CSOC).

The Australian Signals Directorate oversees Australia’s Echelon role as well as Australia’s main surveillance base at Pine Gap (which also helps coordinate Echelon missile and drone attacks in the Asia region).

The ASD produces the Australian Government Information Security Manual. The manual is the standard which governs the security of government ICT systems. The ISM comprises three documents targeting different levels within an organisation. The ISM is available in three parts:

At least 85% of the targeted cyber intrusions that the Australian Signals Directorate responds to could be prevented by following what it called the top 4 mitigation strategies listed in their Strategies to Mitigate Targeted Cyber Intrusions. These are:

  • use application whitelisting to help prevent malicious software and unapproved programs from running
  • patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
  • patch operating system vulnerabilities
  • restrict administrative privileges to operating systems and applications based on user duties.

ASD Strategies to Mitigate Targeted Cyber Intrusions

The Top 4 Strategies

Additional information

Examples

Sir Iain Lobban

Advertisements
This entry was posted in Intelligence, Surveillance and tagged , , , . Bookmark the permalink.

One Response to Ex GCHQ head joins Australian cyber security centre/review; strategy docs revealed

  1. l8in says:

    Reblogged this on L8in.

    Like

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s