All the stars are aligned for dramatic change in cybersecurity, according to Alastair MacGibbon, the Special Advisor to the Prime Minister on Cyber Security.
Speaking at Intermedium’s June 2017 Federal Budget Briefing, MacGibbon said that 2017 presents unprecedented opportunities for cybersecurity.
“The stars have never aligned before. We’ve never had the political support, combined with the really strong industry desire, combined with the bureaucratic interest, combined with the funding, and frankly, combined with the extraordinary risk environment that we operate in online,” he said.
The main drivers of political support stem from two well-publicised incidents – the census debacle in August 2016, and the WannaCry ransomware attack in May this year.
According to MacGibbon, the census failure was a timely wakeup call.
“It called into question the ability of government to deliver digital services to the population, at a time when the population expects digital service delivery in everything that they do,” said MacGibbon.
The census backlash saw public sector conversation shift from a binary ‘secure or insecure’ question, towards a more informed discussion on ‘risk and resilience’, MacGibbon told the audience.
This shift in focus creates greater room for innovation and growth in the sector, as the agencies look for tools to aid threat prevention, detection and remediation rather than merely ‘ticking the appropriate boxes’ on compliance with mandatory requirements.
Echoing the message of the Deputy Director of Australian National Audit Office, Rona Mellor, who spoke at the same event, MacGibbon emphasised the importance of agency or enterprise culture in dealing with cybersecurity.
He stressed that there is a need to move away from a “compliance culture” towards a “risk and resilience culture” in order to deliver the secure digital service citizens expect from the government.
MacGibbon predicts that the change in focus towards risk and resilience will accelerate in the coming year.
Part of the coming change is a greater emphasis on local businesses. Government initiatives, such as the Australian Cyber Security Growth Network, will invest in developing “sovereign cyber capacity in Australia”, according to MacGibbon.
Partnerships with the ICT industry and universities, procurement platforms such as the Digital Marketplace, and removing barriers to IP commercialisation can be expected to play a key role in leveraging homegrown products and talents.
“Australia has the fourth highest patent rate in the world for network security,” said MacGibbon. “And yet we rate as one of the lowest nations in terms of how we commercialise that IP.”
“There is no reason why in this country we can’t be growing our cybersecurity capabilities.”