CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response

Size: px
Start display at page:

Download "CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response"

Transcription

1 CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE AIIA Response 14 November 2011

2 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing suppliers and providers of a wide range of information technology and communications (ICT) products and services. Its membership comprises approximately 400 of the top international corporations as well as small to medium enterprises currently supplying innovative online applications supporting the Australian economy and enhancing the citizen engagement. AIIA s National Board of Directors includes all the major corporations currently involved in developments of high-speed broadband installations across global jurisdictions, such as Telstra, Google, IBM, Intel and Fujitsu, as well as small business organisations. AIIA's role is to lead and represent the ICT industry in Australia to maximise the potential of the Australian economy and society. AIIA is acutely aware of the cyber-security risks to ongoing safe use and exploitation of digital infrastructure, and the possible loss of confidence by users if those risks are not appropriately managed. Our members participate in all relevant government programs aimed at user education and awareness, information sharing among critical infrastructure owners and real-time cyber-safety exercises involving cross-jurisdictional and international stakeholders. In addition they are constantly involved in development of tools and services aimed at educating consumers about online risks, while at the same time enhancing the user experience. Overview It is safe to anticipate that in all aspects of society the use of and reliance on information and communication technologies (ICT) will be more pervasive in the future. It is also reasonable to expect that today s ICT technologies will continue to evolve into a model that more critically depends on services hosted on the internet using interconnected technologies. The pervasiveness and advancements in mobile technology and the demands of consumers will dictate that almost 2

3 every new electronic device will have some form of anywhere access capacity. 1 This recognition combined with the rapid convergence of content, technologies and delivery channels, will add to the possible threat of cybercrime in the future. Safe and confident use of digital infrastructure poses one of the most serious economic and security challenges for modern governments. The genesis of our current digital environment was born out of considerations of interoperability and efficiency, not security. Increased productivity growth and related economic advantages across sectors are now well accepted by commentators. 2 So the secure and safe use of all the potential benefits delivered by digital means must be assured by governments concerned with enhancing their nations GDP for the benefit of citizens. This frequently involves a fine balance between maintaining an eco-environment for digital activities that promotes safety, security, privacy and liberties, while meeting increasing consumer demands for innovative service delivery, efficiency, prosperity and fast, free commercial intercourse. AIIA commends the government and other stakeholders for taking an ongoing and vigilant approach to all these issues. That said, it must be acknowledged that cybercrime knows no borders and detection of perpetrators is notoriously difficult; the nature of many platforms used by criminals in the digital space facilitates anonymity. Criminologists have long argued that certainty of detection, not severity of punishment, is the true deterrent for would-be criminals. So any efforts to send clear signals to cybercriminals that the national and international community is working seriously towards reducing opportunities for nefarious activities will assist. AIIA is pleased the Discussion Paper recognises that fact. Information and communications technologies (ICT) have become an integral part of almost every facet of modern, developed economies, underpinning their civil infrastructure, public safety, energy supply and management, financial networks and national security. This development has led to productivity increases and enhanced efficiencies across many economic sectors such as the financial, manufacturing and retail sectors. 1 Microsoft Australia, E-Security Review 2008, page 4. 2 Access Economics, The Economic Benefits of Intelligent Technologies, April Commissioned by IBM Australia 3

4 But it has also resulted in opportunities for existing crimes such as fraud, forgery and impersonation to be carried out by the ill-intentioned in new and more detection-proof ways. A new lexicon has entered the public discourse reflecting the myriad models of behaviour now open to those intent on crime: cyberstalking, cyberbullying, phishing and spamming to name a few. If the undoubted benefits of online and digital economic transactions are to be further realised, all users must have confidence that information is secure, commerce is not compromised and critical infrastructure is not infiltrated. This confidence will only be assured through constant political vigilance, enhanced governance, application of technology, new delivery platforms such as cloud computing, education and awareness programs. Cybercrime can be understood by reference to its eco-environment, cyberspace. The US has defined cyberspace as the interdependent network of information technology infrastructures, and includes the internet, telecommunications networks, computer systems and embedded processors and controllers in critical industries. Common usage of the term also refers to the virtual environment of information and interactions between people. 3 By this definition, cyberspace is not just the internet; so cybercrime can occur in a much wider environment than the internet. Available Data? On the basis that governments cannot manage or regulate what they cannot measure, AIIA sees a threshold issue as the lack of credible data in this area. Credible data on the nature and prevalence of e-security risks and subsequent cybercrimes is notoriously difficult to obtain, due to a variety of reasons, including under-reporting. Victims of cybercrime under-report either through ignorance (as to what crime has occurred) or desire not to signal their organisation s poor security and so reduce their customers confidence. Banks are generally thought to fall into this group of underreporters. Under-reporting also occurs in cases of phishing and financial scams because victims do not wish to appear ignorant or gullible. 3 Cyberspace Policy Review, 4

5 In relation to theft of personal information (identity data), it is equally difficult to be definitive about nature and prevalence because in many cases victims do not know their personal data has been assumed or stolen until a subsequent crime is perpetrated against them, such as credit card fraud or some other financial incident. In this regard, estimates of the type provided by the AFP in the Discussion Paper (the risk to our economy is more than one billion dollars a year ) do not inspire confidence in our ability to come to terms with the size of the issue we face; AIIA suggests the government facilitate a more forensic analysis of the economic impact of cybercrime in Australia. Response Structure AIIA s response does not address all the questions posed in the Paper. We will instead comment on specific questions which have prompted member feedback. As a preliminary comment, AIIA members see great potential for security and privacy enhancements (and thus perhaps risk diminution) through adoption of newer delivery platforms such as cloud computing. In addition, education and awareness programs for all users at every engagement level should be enhanced by all governments. Pp 10: Issue: A growing portion of our lives and civic experience is conducted in the online environment. This environment has a unique set of characteristics, including anonymity, and allows people to interact socially unhindered by geographic distance. Question: How can we promote a concept of digital citizenship, reach agreement on acceptable online behaviour and encourage people to assume greater responsibility for that behaviour? 5

6 Answer: Governments can partner with the online industry to create and promote awareness programs for online risks and responsibilities; there are many examples in Australia and the US of this. Pp 11: Issue: Governments are progressively implementing online services in response to community expectations. However, many individuals do not trust their private data will be appropriately managed. Question: How can governments improve citizens and businesses trust that their private data will be secured and only used for agreed purposes? Answer: Trust comes through providing verifiable competence in securing data. In the move to online providers, governments have the opportunity to select providers with effective security, and to require those providers to be accountable for that security. Done correctly, with the right degree of certification, this approach would improve security over in-house systems and controls. Private industry is migrating to cloud delivery platforms because they realise that security is a feature of leading cloud providers product offerings it is applied throughout their environments and tested and audited regularly. Cloud delivery can focus on security as a competitive requirement, in comparison to diverse and geographically dispersed organisations, such as governments or large corporations, for whom security is often a localised effort with limitations based on awareness, system design, and available technical and personnel resources. Cloud architectures can be more sustainable from a security perspective. Corporations struggle with patch management and technology currency. Both of these issues lead to vulnerabilities that are at the root of many data security breaches. Cloud delivery offers a modern and sustainable security stack that enables corporations to focus on higher level data protection initiatives and not on low value added security maintenance activities. Pp 16: Issue: The digital economy presents both wide-ranging opportunities for increased productivity and innovation across the Australian economy and the risk of the loss of sensitive commercial data. 6

7 Question: How can small business awareness of commercial online opportunities be balanced with awareness of potential online risks and mitigation strategies? Small to mid-sized companies are the ones that can benefit the most from moving to the cloud. They lack the skill-set and budgets to manage complicated security issues. By moving to competent cloud offerings they lower their overall risk profile since the cloud provider assumes many of the security accountabilities. Issue: One of the primary impediments to e-commerce is consumers fear their financial or personal details may be at risk when conducting business online. Anonymity will remain a key part of the Internet, but trust and confidence in the digital economy may be undermined if people s financial and personal details remain at risk of being stolen by criminals. Question: What options are there for increasing consumers trust in conducting business online? Question: How can consumers be encouraged to take more responsibility to protect their information? Question: What are the options for broadening industry s efforts to provide customers with a greater level of trust and confidence in the security and privacy of their online transactions? Question: What information would help consumers and small businesses better protect themselves and enhance their trust and confidence online? Government agencies and industry can provide better education and awareness and ensuring that all providers meet the highest standards of data security. Industry should be required to meet a certain level of security certifications (e.g. ISO 27001). Online enterprises can contribute by posting their privacy and security statements, and by presenting awareness content for their customers and the general public. Both customers and the public should know how to contact those businesses regarding security concerns (e.g, potential abuse). Other helpful information can include evidence of security certifications (e.g. ISO 27001). 7

8 Pp 19: Issue: Much of the public discussion on cyber threats and risks to date has focused on national security issues. This important dimension has inadvertently hidden the reality that at its most basic level, security and safety online is reliant on the awareness of individuals. As a result, many businesses and consumers are not as mindful of cyber threats as they could be. Question: How can the Commonwealth, states and territories and industry effectively communicate the interdependent nature of individual and national cyber security? How can the importance of individual behaviour be highlighted in creating a secure, trusted and resilient online environment for all Australians? End-user security awareness is the most difficult message to deliver effectively, such that it makes behavioral changes that result in good security practice. Online service providers should have a Security Awareness program for their employees, and customer-facing security information that is accessible and useful. Much like a public health or safety program, government can take a role in developing basic skills, promoting secure online behaviors in schools and public service announcements. 8

The incidence of cybercrime in Australia and its impact on consumers. AIIA response to House of Representative Committee on Communications

The incidence of cybercrime in Australia and its impact on consumers. AIIA response to House of Representative Committee on Communications SUBMISSION NO. 22 The incidence of cybercrime in Australia and its impact on consumers AIIA response to House of Representative Committee on Communications Inquiry into the incidence and impact of cybercrime

More information

E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION

E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION 1. Introduction E-SECURITY REVIEW 2008 DISCUSSION PAPER FOR PUBLIC CONSULTATION Australia s national security and economic and social well-being rely upon the use and availability of a range of Information

More information

Cyber Security Strategy

Cyber Security Strategy NEW ZEALAND S Cyber Security Strategy 2015 A secure, resilient and prosperous online New Zealand Ministerial Foreword The internet and technology have become a fundamental element in our lives. We use

More information

NSW GOVERNMENT DRAFT ICT STRATEGY PLAN. AIIA Response

NSW GOVERNMENT DRAFT ICT STRATEGY PLAN. AIIA Response NSW GOVERNMENT DRAFT ICT STRATEGY PLAN AIIA Response 22 December 2011 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing suppliers and providers

More information

Technology Strategy April 2014

Technology Strategy April 2014 Technology Strategy April 2014 Contents Overview 1 Our environment 1 Why change? 2 Our vision for technology what success looks like 3 Our approach 7 Transformation shifts how will we know we have been

More information

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation

Commonwealth Approach to Cybergovernance and Cybersecurity. By the Commonwealth Telecommunications Organisation Commonwealth Approach to Cybergovernance and Cybersecurity By the Commonwealth Telecommunications Organisation Trends in Cyberspace Cyberspace provides access to ICT Bridging the digital divide and influencing

More information

National. Strategy. Identity Security

National. Strategy. Identity Security National Identity Security Strategy 2012 National Identity Security Strategy 2012 Identity Security National Identity Security Strategy ISBN: 978-1-922032-03-4 Commonwealth of Australia 2013 All material

More information

A NEW APPROACH TO CYBER SECURITY

A NEW APPROACH TO CYBER SECURITY A NEW APPROACH TO CYBER SECURITY We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively

More information

CYBER SECURITY STRATEGY AN OVERVIEW

CYBER SECURITY STRATEGY AN OVERVIEW CYBER SECURITY STRATEGY AN OVERVIEW Commonwealth of Australia 2009 This work is copyright. Apart from any use as permitted under the Copyright Act 1968, no part may be reproduced by any process without

More information

Electronic Health Records and Healthcare Identifiers: Legislation Discussion Paper

Electronic Health Records and Healthcare Identifiers: Legislation Discussion Paper Electronic Health Records and Healthcare Identifiers: Legislation Discussion Paper AIIA response July 2015 Ground Suite B 7-11 Barry Drive Turner ACT 2612 GPO Box 573 Canberra ACT 2601 T 61 2 6281 9400

More information

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA

NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA NATIONAL CYBERSECURITY STRATEGIES: AUSTRALIA AND CANADA JOÃO MANUEL ASSIS BARBAS Coronel de Artilharia. Assessor de Estudos do IDN INTRODUCTION Globalization and information and communication technologies

More information

TUSKEGEE CYBER SECURITY PATH FORWARD

TUSKEGEE CYBER SECURITY PATH FORWARD TUSKEGEE CYBER SECURITY PATH FORWARD Preface Tuskegee University is very aware of the ever-escalating cybersecurity threat, which consumes continually more of our societies resources to counter these threats,

More information

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance

Evolving Threats and Attacks: A Cloud Service Provider s viewpoint. John Howie Senior Director Online Services Security and Compliance Evolving Threats and Attacks: A Cloud Service Provider s viewpoint John Howie Senior Director Online Services Security and Compliance Introduction Microsoft s Cloud Infrastructure Evolution of Threats

More information

Compliance Guide: ASD ISM OVERVIEW

Compliance Guide: ASD ISM OVERVIEW Compliance Guide: ASD ISM OVERVIEW Australian Information Security Manual Mapping to the Principles using Huntsman INTRODUCTION In June 2010, The Australian Government Protective Security Policy Framework

More information

NEW ZEALAND S CYBER SECURITY STRATEGY

NEW ZEALAND S CYBER SECURITY STRATEGY Appendix 1 NEW ZEALAND S CYBER SECURITY STRATEGY June 2011 New Zealand Government 7 June 2011 ISBN: 978-0-478-38200-6 www.med.govt.nz/cyberstrategy MED11 Foreword from the Minister The Internet and digital

More information

The UK cyber security strategy: Landscape review. Cross-government

The UK cyber security strategy: Landscape review. Cross-government REPORT BY THE COMPTROLLER AND AUDITOR GENERAL HC 890 SESSION 2012-13 12 FEBRUARY 2013 Cross-government The UK cyber security strategy: Landscape review 4 Key facts The UK cyber security strategy: Landscape

More information

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework

(U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U) Appendix E: Case for Developing an International Cybersecurity Policy Framework (U//FOUO) The United States lacks a comprehensive strategic international policy framework and coordinated engagement

More information

Report to the Council of Australian Governments. A Review of the National Identity Security Strategy

Report to the Council of Australian Governments. A Review of the National Identity Security Strategy Report to the Council of Australian Governments A Review of the National Identity Security Strategy 2012 Report to COAG - Review of the National Identity Security Strategy 2012 P a g e i Table of contents

More information

Advanced Biometric Technology

Advanced Biometric Technology INC Internet Biometric Security Systems Internet Biometric Security System,Inc.White Papers Advanced Biometric Technology THE SIMPLE SOLUTION FOR IMPROVING ONLINE SECURITY Biometric Superiority Over Traditional

More information

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis An analogue approach to a digital world What foundations is CDCAT built on?

More information

Australian Government Information Security Manual PRINCIPLES

Australian Government Information Security Manual PRINCIPLES 2015 Australian Government Information Security Manual PRINCIPLES 2015 Australian Government Information Security Manual PRINCIPLES Commonwealth of Australia 2015 All material presented in this publication

More information

Business Plan 2012/13

Business Plan 2012/13 Business Plan 2012/13 Contents Introduction 3 About the NFA..4 Priorities for 2012/13 4 Resources.6 Reporting Arrangements.6 Objective 1 7 To raise the profile and awareness of fraud among individuals,

More information

SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE. Question No. 100

SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE. Question No. 100 SENATE STANDING COMMITTEE ON LEGAL AND CONSTITUTIONAL AFFAIRS AUSTRALIAN FEDERAL POLICE Question No. 100 Senator McKenzie asked the following question at the hearing on 24 May 2012: a) How do you define

More information

Rationale for a Cloud Services Framework

Rationale for a Cloud Services Framework Rationale for a Cloud Services Framework AIIA response to Draft Paper for Consultation January 2015 T 61 2 6281 9400 E W info@aiia.com.au www.aiia.comau About AIIA The Australian Information Industry Association

More information

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness

SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper. Safeguarding data through increased awareness SOMEBODY'S WATCHING YOU! Maritime Cyber Security White Paper Safeguarding data through increased awareness November 2015 1 Contents Executive Summary 3 Introduction 4 Martime Security 5 Perimeters Breached

More information

GUERNSEY CYBER SECURITY REVIEW

GUERNSEY CYBER SECURITY REVIEW GUERNSEY CYBER SECURITY REVIEW EXECUTIVE SUMMARY FOREWORD I am delighted that the States of Guernsey has completed a detailed cyber-security review which looks at government, businesses and individuals.

More information

Service and anonymisation.

Service and anonymisation. THE INTERNET ORGANISED CRIME THREAT ASSESSMENT (IOCTA) 2014 9 EXECUTIVE SUMMARY The Internet Organised Crime Threat Assessment (iocta) informs decision makers at strategic, policy and tactical levels about

More information

www.pwc.co.uk Cyber security Building confidence in your digital future

www.pwc.co.uk Cyber security Building confidence in your digital future www.pwc.co.uk Cyber security Building confidence in your digital future November 2013 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence in

More information

Cloud Computing in the Victorian Public Sector

Cloud Computing in the Victorian Public Sector Cloud Computing in the Victorian Public Sector AIIA response July 2015 39 Torrens St Braddon ACT 2612 Australia T 61 2 6281 9400 E info@aiia.com.au W www.aiia.comau Page 1 of 9 17 July 2015 Contents 1.

More information

Cyber Security - What Would a Breach Really Mean for your Business?

Cyber Security - What Would a Breach Really Mean for your Business? Cyber Security - What Would a Breach Really Mean for your Business? August 2014 v1.0 As the internet has become increasingly important across every aspect of business, the risks posed by breaches to cyber

More information

CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION

CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION CYBER-ATLAS A COMPLETE CYBER RISK MANAGEMENT SOLUTION In the ever-evolving technological landscape which we all inhabit, our lives are dominated by

More information

S. ll IN THE SENATE OF THE UNITED STATES

S. ll IN THE SENATE OF THE UNITED STATES OLL0 TH CONGRESS ST SESSION S. ll To secure the United States against cyber attack, to improve communication and collaboration between the private sector and the Federal Government, to enhance American

More information

Good morning. It s a pleasure to be here this morning, talking with the NZISF. Thank you for this opportunity.

Good morning. It s a pleasure to be here this morning, talking with the NZISF. Thank you for this opportunity. Speech Notes for New Zealand Information Security Forum 11 April 2013 Paul Ash, Manager National Cyber Policy Office Department of Prime Minister and Cabinet CYBERSECURITY: WHY IT MATTERS FOR NEW ZEALAND

More information

Cyber Security Strategy

Cyber Security Strategy Cyber Security Strategy 2015 Action Plan A LIVING ACTION PLAN WITH ANNUAL REVIEWS New Zealand s Cyber Security Strategy provides a single cohesive framework to ensure that New Zealand is secure, resilient

More information

EU Cybersecurity Policy & Legislation ENISA s Contribution

EU Cybersecurity Policy & Legislation ENISA s Contribution EU Cybersecurity Policy & Legislation ENISA s Contribution Steve Purser Head of Core Operations Oslo 26 May 2015 European Union Agency for Network and Information Security Agenda 01 Introduction to ENISA

More information

Internet Safety and Security: Strategies for Building an Internet Safety Wall

Internet Safety and Security: Strategies for Building an Internet Safety Wall Internet Safety and Security: Strategies for Building an Internet Safety Wall Sylvanus A. EHIKIOYA, PhD Director, New Media & Information Security Nigerian Communications Commission Abuja, NIGERIA Internet

More information

Fostering Incident Response and Digital Forensics Research

Fostering Incident Response and Digital Forensics Research Fostering Incident Response and Digital Forensics Research Bruce J. Nikkel bruce.nikkel@ubs.com September 8, 2014 Abstract This article highlights different incident response topics with a focus on digital

More information

Promoting a cyber security culture and demand compliance with minimum security standards;

Promoting a cyber security culture and demand compliance with minimum security standards; Input by Dr. S.C. Cwele Minister of State Security, Republic of South Africa Cyber Security Meeting, Johannesburg 27 March 2014 I would like to thank the Wits School of Governance for inviting us to contribute

More information

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist, CISSP @TheGrantBrown Cyber Resilience Implementing the Right Strategy Grant Brown specialist, CISSP @TheGrantBrown 1 2 Network + Technology + Customers = $$ 3 Perfect Storm? 1) Increase in Bandwidth (extended reach) 2) Available

More information

THE PERFECT STORM WEATHERING CYBER THREATS IN THE HEALTHCARE INDUSTRY

THE PERFECT STORM WEATHERING CYBER THREATS IN THE HEALTHCARE INDUSTRY THE PERFECT STORM WEATHERING CYBER THREATS IN THE HEALTHCARE INDUSTRY BY DR. BRIAN MCELYEA AND DR. EMILY DARRAJ Approved for Public Release: Case # 16-0276 NORTHROP GRUMMAN WHITE PAPER 2016 Northrop Grumman

More information

THE AUSTRALIAN PUBLIC SERVICE BIG DATA STRATEGY. Comments from AIIA

THE AUSTRALIAN PUBLIC SERVICE BIG DATA STRATEGY. Comments from AIIA THE AUSTRALIAN PUBLIC SERVICE BIG DATA STRATEGY Comments from AIIA JULY 2013 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing multinational and

More information

Australian Government Cyber Security Review

Australian Government Cyber Security Review Australian Government Cyber Security Review The Cisco Response Today, governments are almost universally pursuing a development and modernisation agenda to nurture their society into the digital age, and

More information

ACE European Risk Briefing 2012

ACE European Risk Briefing 2012 #5 ACE European Risk Briefing 2012 IT and cyber risk respondent profiles The research was carried out between 13 April and 3 May 2012. The sample comprised 606 European risk managers, CROs, CFOs, COOs

More information

SUBMISSION NO. 20. Australian Federal Police. Submission to the Inquiry into Cybersafety for Senior Australians.

SUBMISSION NO. 20. Australian Federal Police. Submission to the Inquiry into Cybersafety for Senior Australians. SUBMISSION NO. 20 Australian Federal Police Submission to the Inquiry into Cybersafety for Senior Australians 2012 www.afp.gov.au Introduction The internet and new and evolving technologies open up a world

More information

Cybercrime : Malaysia. By DSP MahfuzBin Dato Ab. Majid Royal Malaysia Police

Cybercrime : Malaysia. By DSP MahfuzBin Dato Ab. Majid Royal Malaysia Police Cybercrime : Malaysia By DSP MahfuzBin Dato Ab. Majid Royal Malaysia Police ICT Development The ICT development within this region has been rapid since more than 3 decades ago. With the launching of the

More information

NAPCAN s strategy is to bring about the changes necessary in individual and community behaviour to stop child abuse and neglect before it starts by:

NAPCAN s strategy is to bring about the changes necessary in individual and community behaviour to stop child abuse and neglect before it starts by: The Director Cyber Safety Policy and Programs Department of Communications GPO Box 2154 CANBERRA ACT 2601 Dear Director, Re: Discussion Paper on Enhancing Online Safety for Children NAPCAN (National Association

More information

WRITTEN TESTIMONY BEFORE THE HEARING ON FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN TARGET

WRITTEN TESTIMONY BEFORE THE HEARING ON FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN TARGET WRITTEN TESTIMONY BEFORE THE SENATE COMMITTEE ON THE JUDICIARY HEARING ON PRIVACY IN THE DIGITAL AGE: PREVENTING DATA BREACHES AND COMBATING CYBERCRIME FEBRUARY 4, 2014 TESTIMONY OF JOHN MULLIGAN EXECUTIVE

More information

Security Intelligence

Security Intelligence IBM Security Security Intelligence Security for a New Era of Computing Erno Doorenspleet Consulting Security Executive 1 PARADIGM SHIFT in crime Sophistication is INCREASING Attacks are More Targeted Attackers

More information

Commonwealth Organised Crime Strategic Framework: Overview

Commonwealth Organised Crime Strategic Framework: Overview Commonwealth Organised Crime Strategic Framework: Overview Commonwealth Organised Crime Strategic Framework: Overview ISBN: 978-1-921241-94-9 Commonwealth of Australia 2009 This work is copyright. Apart

More information

Cybersecurity and Cybercrime. Ministry of National Security

Cybersecurity and Cybercrime. Ministry of National Security Cybersecurity and Cybercrime Ministry of National Security Objective of Presentation What is the nature of Cybersecurity and Cybercrime? Purpose of Legislation Potential Impact on business operations What

More information

An Overview of Cybersecurity and Cybercrime in Taiwan

An Overview of Cybersecurity and Cybercrime in Taiwan An Overview of Cybersecurity and Cybercrime in Taiwan I. Introduction To strengthen Taiwan's capability to deal with information and communication security issues, the National Information and Communication

More information

techuk Cloud 2020 Vision Keeping the UK at the forefront of cloud adoption

techuk Cloud 2020 Vision Keeping the UK at the forefront of cloud adoption techuk Cloud 2020 Vision Keeping the UK at the forefront of cloud adoption Introduction Cloud computing is fundamental to the UK s digital future. The next wave of the digital revolution is being powered

More information

Assessing the strength of your security operating model

Assessing the strength of your security operating model www.pwc.com Assessing the strength of your security operating model May 2014 Assessing the strength of your security operating model Retail stores, software companies, the U.S. Federal Reserve it seems

More information

Into the cybersecurity breach

Into the cybersecurity breach Into the cybersecurity breach Tim Sanouvong State Sector Cyber Risk Services Deloitte & Touche LLP April 3, 2015 Agenda Setting the stage Cyber risks in state governments Cyber attack vectors Preparing

More information

National Cyber Security Policy -2013

National Cyber Security Policy -2013 National Cyber Security Policy -2013 Preamble 1. Cyberspace 1 is a complex environment consisting of interactions between people, software and services, supported by worldwide distribution of information

More information

ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION.

ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION. ARCHITECTURE SERVICES. G-CLOUD SERVICE DEFINITION. Table of contents 1 Introduction...3 2 Architecture Services...4 2.1 Enterprise Architecture Services...5 2.2 Solution Architecture Services...6 2.3 Service

More information

The Australian Public Service Big Data Strategy

The Australian Public Service Big Data Strategy The Australian Public Service Big Data Strategy Improved understanding through enhanced data-analytics capability AIIA response March 2014 Contact for this submission: Suzanne Roche 39 Torrens St Braddon

More information

Protecting Online Gaming and e-commerce Companies from Fraud

Protecting Online Gaming and e-commerce Companies from Fraud Protecting Online Gaming and e-commerce Companies from Fraud White Paper July 2007 Protecting Online Gaming and e-commerce Companies from Fraud Overview In theory, conducting business online can be efficient

More information

Secure Thinking Bigger Data. Bigger risk?

Secure Thinking Bigger Data. Bigger risk? Secure Thinking Bigger Data. Bigger risk? MALWARE HACKERS REPUTATION PROTECTION RISK THEFT There has always been data. What is different now is the scale and speed of data growth. Every day we create 2.5

More information

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model Stéphane Hurtaud Partner Governance Risk & Compliance Deloitte Laurent De La Vaissière Director Governance Risk & Compliance

More information

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES POINT OF VIEW CYBERSECURITY IN FINANCIAL SERVICES Financial services institutions are globally challenged to keep pace with changing and covert cybersecurity threats while relying on traditional response

More information

European priorities in information security

European priorities in information security European priorities in information security Graeme Cooper Head of Public Affairs Unit, ENISA 12th International InfoSec and Data Storage Conference, 26th September 2013, Sheraton Hotel, Sofia, Bulgaria

More information

Keeping out of harm s way in cyberspace

Keeping out of harm s way in cyberspace Keeping out of harm s way in cyberspace Martin Smith MBE FSyI Chairman and Founder The Security Company (International) Limited The Security Awareness Special Interest Group What is Cybercrime? Criminal

More information

National Plan to Address Cybercrime

National Plan to Address Cybercrime National Plan to Address Cybercrime 2015 Improving our ability to prevent, investigate and respond to cybercrime Contents INTRODUCTION 3 Purpose of the Plan 3 What is cybercrime? 4 The nature of the cybercrime

More information

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future

www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future www.pwc.nl/cybersecurity Cyber security Building confidence in your digital future 2015 Contents 1 Confidence in your digital future 2 Our point of view 3 Building confidence 4 Our services Confidence

More information

Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks

Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks Please cite this paper as: OECD (2012), Terms of Reference for the Review of the OECD Guidelines for the Security of Information Systems and Networks, OECD Digital Economy Papers, No. 210, OECD Publishing.

More information

Security in the Cloud an end to end Problem

Security in the Cloud an end to end Problem ID WORLD Abu Dhabi 18-19 March 2012 Cloud Computing & Mobile Applications Dr. Andrew Jones Programme Chair for Information Security Khalifa University of Science, Technology and Research, Abu Dhabi Security

More information

Submission - Mandatory data breach notification discussion paper

Submission - Mandatory data breach notification discussion paper Our reference: 15/000172 Commercial and Administrative Law Branch Attorney-General's Department 4 National Circuit Barton ACT 2600 By email: privacy.consultation@ag.gov.au Submission - Mandatory data breach

More information

Emerging risks for internet users

Emerging risks for internet users Sabeena Oberoi Assistant Secretary, Cyber Security and Asia Pacific Branch Department of Broadband, Communications and the Digital Economy Government s role - DBCDE The new Australian Government Cyber

More information

CIO, CISO and Practitioner Guidance IT Security Governance

CIO, CISO and Practitioner Guidance IT Security Governance June 2006 (Revision 1, August 2007) () 1 CIO, CISO and Practitioner Guidance Whatever your business, security and privacy are key matters that affect your enterprise and those dependent upon you. There

More information

INFORMATION SECURITY AWARENESS & TRAINING PROGRAM

INFORMATION SECURITY AWARENESS & TRAINING PROGRAM INFORMATION SECURITY AWARENESS & TRAINING PROGRAM By Serah Francis MSc Student, Gjøvik University, Norway ISES Member IFIP TC3 ISES Project INTRODUCTION Africa has 167 million Internet Users and is estimated

More information

Certified Cyber Security Analyst VS-1160

Certified Cyber Security Analyst VS-1160 VS-1160 Certified Cyber Security Analyst Certification Code VS-1160 Vskills certification for Cyber Security Analyst assesses the candidate as per the company s need for cyber security and forensics. The

More information

Cybersecurity in the States 2012: Priorities, Issues and Trends

Cybersecurity in the States 2012: Priorities, Issues and Trends Cybersecurity in the States 2012: Priorities, Issues and Trends Commission on Maryland Cyber Security and Innovation June 8, 2012 Pam Walker, Director of Government Affairs National Association of State

More information

CYBERSECURITY HOT TOPICS

CYBERSECURITY HOT TOPICS 1 CYBERSECURITY HOT TOPICS Secure Banking Solutions 2 Presenter Chad Knutson VP SBS Institute Senior Information Security Consultant Masters in Information Assurance CISSP, CISA, CRISC www.protectmybank.com

More information

Cyber Security Organisational Standards. Guidance

Cyber Security Organisational Standards. Guidance Cyber Security Organisational Standards Guidance April 2013 Contents Contents...2 Overview...3 Background...4 Definitions...5 Presentation and Layout...6 Submissions Guidance...7 Acceptance Criteria...8

More information

ITU Global Cybersecurity Agenda (GCA)

ITU Global Cybersecurity Agenda (GCA) International Telecommunication Union ITU Global Cybersecurity Agenda (GCA) Framework for International Cooperation in Cybersecurity ITU 2007 All rights reserved. No part of this publication may be reproduced,

More information

Preliminary Privacy Impact Assessment of the National Facial Biometric Matching Capability - Interoperability Hub

Preliminary Privacy Impact Assessment of the National Facial Biometric Matching Capability - Interoperability Hub December 2015 Preliminary Privacy Impact Assessment of the National Facial Biometric Matching Capability - Interoperability Hub Attorney-General s Department Response Identity crime is one of the most

More information

Legislative Council Panel on Information Technology and Broadcasting. Information Security

Legislative Council Panel on Information Technology and Broadcasting. Information Security For Information on 8 July 2013 LC Paper No. CB(4)834/12-13(05) Legislative Council Panel on Information Technology and Broadcasting Information Security Purpose This paper updates Members on the latest

More information

Cyber security the facts

Cyber security the facts Cyber security the facts By Dr Carolyn Patteson, Executive Manager, CERT Australia The cyber threat is real and ever present and every business is at risk. Australia s security and intelligence agencies

More information

ACS CLOUD COMPUTING CONSUMER PROTOCOL. Response from AIIA

ACS CLOUD COMPUTING CONSUMER PROTOCOL. Response from AIIA ACS CLOUD COMPUTING CONSUMER PROTOCOL Response from AIIA AUGUST 2013 INTRODUCTION The Australian Information Industry Association (AIIA) is the peak national body representing multinational and domestic

More information

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation

GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000. CEO EDS Corporation GLOBAL BUSINESS DIALOGUE ON ELECTRONIC COMMERCE CYBER SECURITY AND CYBER CRIME SEPTEMBER 26, 2000 Issue Chair: Issue Sherpa: Dick Brown CEO EDS Corporation Bill Poulos EDS Corporation Tel: (202) 637-6708

More information

Australian Government Information Security Manual EXECUTIVE COMPANION

Australian Government Information Security Manual EXECUTIVE COMPANION 2015 Australian Government Information Security Manual EXECUTIVE COMPANION 2015 Australian Government Information Security Manual EXECUTIVE COMPANION Commonwealth of Australia 2015 All material presented

More information

Draft WGIG Issues Paper on E-Commerce

Draft WGIG Issues Paper on E-Commerce Draft WGIG Issues Paper on E-Commerce This paper is a 'draft working paper' reflecting the preliminary findings of the drafting team. It has been subject to review by all WGIG members, but it does not

More information

THE ROLE OF ICT REGULATION IN PROMOTING SMES IN DEVELOPING COUNTRIES. Egidius MBARARA, Rwanda Utilities Regulatory Agency (RURA)

THE ROLE OF ICT REGULATION IN PROMOTING SMES IN DEVELOPING COUNTRIES. Egidius MBARARA, Rwanda Utilities Regulatory Agency (RURA) THE ROLE OF ICT REGULATION IN PROMOTING SMES IN DEVELOPING COUNTRIES Egidius MBARARA, Rwanda Utilities Regulatory Agency (RURA) Introduction e-commerce has increasingly become a necessary component of

More information

National Cyber Security Strategy 2015-2017

National Cyber Security Strategy 2015-2017 National Cyber Security Strategy 2015-2017 Table of Contents Table of Contents...i Executive Summary... 1 1. Introduction... 2 2. Context - People, Economy, and State... 4 3. Guiding Principles... 10 4.

More information

Unisys Security Insights: Germany A Consumer Viewpoint - 2015

Unisys Security Insights: Germany A Consumer Viewpoint - 2015 Unisys Security Insights: Germany A Consumer Viewpoint - 2015 How consumers in Germany feel about: Personal data security, ranked by industry Experiences concerning security of personal data Research by

More information

CYBER SECURITY Audit, Test & Compliance

CYBER SECURITY Audit, Test & Compliance www.thalescyberassurance.com CYBER SECURITY Audit, Test & Compliance 02 The Threat 03 About Thales 03 Our Approach 04 Cyber Consulting 05 Vulnerability Assessment 06 Penetration Testing 07 Holistic Audit

More information

AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY. 14 October 2015 OPENING ADDRESS LYNWEN CONNICK

AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY. 14 October 2015 OPENING ADDRESS LYNWEN CONNICK 1 AISA NATIONAL CONFERENCE 2015 TRUST IN INFORMATION SECURITY 14 October 2015 OPENING ADDRESS LYNWEN CONNICK Thanks Arno, and good morning everyone. Welcome to Australian Information Security Association

More information

Developing National Frameworks & Engaging the Private Sector

Developing National Frameworks & Engaging the Private Sector www.pwc.com Developing National Frameworks & Engaging the Private Sector Focus on Information/Cyber Security Risk Management American Red Cross Disaster Preparedness Summit Chicago, IL September 19, 2012

More information

Cyber-safety for Senior Australians. Inquiry Submission

Cyber-safety for Senior Australians. Inquiry Submission SUBMISSION NO. 32 Cyber-safety for Senior Australians Inquiry Submission The AISA Response to the Parliament s Joint Select Committee s call for submissions Date 23 March 2012 Page 1 Executive Summary:

More information

Cyber Security Solutions

Cyber Security Solutions Cyber Security Solutions Defending the Enterprise General Dynamics Information Technology defends mission-critical systems including government, health, finance, defence, large-enterprise and national

More information

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things Cyber security Digital Customer Experience Digital Employee Experience Digital Insight Internet of Things Payments IP Solutions Cyber Security Cloud 2015 CGI IT UK Ltd Contents... Securing organisations

More information

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY,

COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, COMMUNIQUÉ ON PRINCIPLES FOR INTERNET POLICY-MAKING OECD HIGH LEVEL MEETING ON THE INTERNET ECONOMY, 28-29 JUNE 2011 The Seoul Declaration on the Future of the Internet Economy adopted at the 2008 OECD

More information

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat.

Online security. Defeating cybercriminals. Protecting online banking clients in a rapidly evolving online environment. The threat. Defeating cybercriminals Protecting online banking clients in a rapidly evolving online environment The threat As the pace of technological change accelerates, so does the resourcefulness and ingenuity

More information

Mass Marketing Fraud Affecting Canadian Businesses 2015-10-30

Mass Marketing Fraud Affecting Canadian Businesses 2015-10-30 Mass Marketing Fraud Affecting Canadian Businesses 2015-10-30 About The CAFC The Canadian Anti-Fraud Centre (CAFC) is an international call centre specializing in central sourcing complaints on mass marketing

More information

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte Cyber security Time for a new paradigm Stéphane Hurtaud Partner Information & Technology Risk Deloitte 90 More than ever, cyberspace is a land of opportunity but also a dangerous world. As public and private

More information

Cloud Computing Security Considerations

Cloud Computing Security Considerations Cloud Computing Security Considerations Roger Halbheer, Chief Security Advisor, Public Sector, EMEA Doug Cavit, Principal Security Strategist Lead, Trustworthy Computing, USA January 2010 1 Introduction

More information

A BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper

A BUSINESS CASE FOR BEHAVIORAL ANALYTICS. White Paper A BUSINESS CASE FOR BEHAVIORAL ANALYTICS White Paper Introduction What is Behavioral 1 In a world in which web applications and websites are becoming ever more diverse and complicated, running them effectively

More information

Protecting Malaysia in the Connected world

Protecting Malaysia in the Connected world Protecting Malaysia in the Connected world cyber Security Company of the Year (Cybersecurity Malaysia, 2014) Most innovative information security company in Malaysia (Cybersecurity Malaysia, 2012) BAE

More information

OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS

OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS OPPORTUNITIES, THREATS AND SECURITY STRATEGIES FOR ONLINE BUSINESS Table of Contents 01 02 03 04 05 06 Today, Every Business is an Online Business Attackers Know They Can Do Damage Impacts of Attack and

More information