Australia's E-security
Activities
ITU Workshop- Brisbane
Sabeena Oberoi
Assistant Secretary, Communication Security
Department of Broadband, Communications,
and the Digital Economy
Australia
1
Current landscape
z
Change is a constant- more sophisticated
and malicious attacks
z
Online environment highly interconnecteddifferent segments can not be addressed
in isolation
z
More holistic and integrated approach
needed to e-security
2
E-Security National Agenda
z
Established in
2001 to create a
secure, trusted
electronic
operating
environment for
both the public and
private sectors.
z
Reviewed in 2006
3
E-Security policy priorities
1.
Reducing the e-security risk to Australian
Government information and
communications systems;
2.
Reducing the e-security risk to
Australia’s national critical infrastructure;
and
3.
Enhancing the protection of home users
and SMEs from electronic attacks and
fraud.
4
E-Security Review
z
Announced in July
2008
z
Changing online
environment
z
Development of
new policy
framework for esecurity
5
Awareness Raising
z
Focus needs to be
on the most
vulnerable sector home users and
SMEs
z
Australian Initiatives
¾ National
Awareness
Week 6-13 June
2008
¾ Stay Smart Online
www.staysmartonline.gov.au
6
Awareness raising
z
Stay Smart online
alert service
z
Schools education
package
¾ Targeted
at year 3
and year 9
7
Public-private sector
partnerships
z
Working with Industry
¾ Collaboration
with IT vendors, financial sector
and ISPs
z
Australian Examples
¾ National
E-Security Awareness Week
¾ Australian Internet Security Initiative
¾ Trusted Information Sharing Network
8
Critical Infrastructure Protection
z
Trusted Information
Sharing Network
(TISN)
z
IT Security Expert
Advisory Group
z
Supervisory
Communications and
Data Acquisition
(SCADA) Community
of Interest
9
Australia’s Critical Infrastructure Protection Arrangements
Business Government
Advisory Group on
National Security (BGAG)
Attorney-General
National
Counter-Terrorism
Committee
OTHER GOVERNMENT BODIES
E-Security Policy and Coordination
(ESPaC) Committee
National Committee on
Critical Infrastructure Protection (NCCIP)
Federal, state and territory governments
Australian Government Senior
Officers Group (AGSOG) - NCCIP
Trusted Information Sharing Network
Critical Infrastructure Advisory Council (CIAC)
Infrastructure Assurance Advisory Groups (IAAGs)
Banking &
Finance
(AGD)
Emergency
Services
(EMA)
Communications
(DBCDE)
Mass
Gatherings
(AGD)
Food Chain
(DAFF)
Energy
(DRET)
Expert Advisory Groups (EAGs)
Health
(DHA)
Water
Services
(AGD)
Transport
(DITRDaLG)
CIP
Futures
(AGD)
IT Security
(DBCDE)
SCADA
Community
of Interest
(DBCDE)
Agency/ portfolio shown in brackets provides support services and interface with Australian Government
December 2007
10
IT Security Expert Advisory
Group
z
Provides strategic information and advice to
Australia’s critical infrastructure sectors on
emerging IT security issues
z
Policy advice for CIOs and CEOs
¾ Wireless
security
¾ Outsourcing
¾ IT Security Governance
¾ Security of Voice over IP
¾ Denial of Service Attacks
11
SCADA Community of Interest
z
A focus of the IT Security Expert Advisory
Group is the security of SCADA systems
z
SCADA security is crucial to continuity of
essential services
z
Community of interest is a cross sectoral
network of practitioners
z
Raises awareness of SCADA security
issues
12
International Cooperation
• Global Problem –
Collaboration with
other economies
and organisations
such as ITU,
OECD and APEC
TEL vital
13
Questions?
Thank you
sabeena.oberoi@dbcde.gov.au
14