Tag Archive for: Cyber

Cyber norms & the Australian private sector

Across the world, there are conflicting ideas about how to manage the dynamic environment of cyberspace. States have the liberty of implementing legislation for the domestic regulation of cyberspace, but disagreements arise over national visions for the management of cyberspace internationally. Many have looked to norms to fill this breach, as their flexibility to adapt to changing technology and are attractive for the management of cyberspace and its broader stakeholder group. For this reason, norms, alongside international law have emerged as the preeminent means to establish what is acceptable behaviour in global cyberspace.

As owners and operators of a large amount of the world’s internet infrastructure and expertise, private sector bodies are some of the best placed organisations to speak authoritatively on the operation of cyberspace, and are therefore critical to the successful implementation of norms. However the private sector has largely been absent from the discussions shaping the creation of these international norms. To gain a deeper understanding of private sector perspectives on cyber norms, ASPI conducted a workshop and survey series with experts from some of Australia’s largest and most influential private sector organisations. Through this discussion and workshop series it was established that key Australian private sector organisations both understand and are interested in the formation of cyber norms. The resulting report documents the key takeaways from this research, highlighting central private sector insights on how cyber norms should be shaped to enable economic prosperity and broader wellbeing of the interconnected online ecosystem.

Cyber maturity in the Asia-Pacific region 2016

The 2016 Cyber Maturity report is the culmination of 12 months’ research by the ASPI International Cyber Policy Centre. The report assesses the approach of 23 regional countries to the challenges and opportunities that cyberspace presents, in terms of their governance structure, legislation, law enforcement, military, business and social engagement with cyber policy and security issues.

The 2016 report includes an assessment of three new countries, Bangladesh, Pakistan and the Solomon Islands. It also features, for the first time, separate data points on fixed line and mobile connectivity to better reflect the growth of mobile-based internet access across the region, its role in facilitating increased connectivity and opening new digital markets.  

Turning to the country rankings, coming in at top of the table for the third year running is the United States. In 2016 the United States continued to further refine its national policy approach to cyber issues, with President Obama’s National Security Action Plan and 30-day Cybersecurity Sprint, and the passing of the Cybersecurity Act. South Korea, Japan, Australia and Singapore round out the top five.

South Korea and Japan have swapped positions in second and third place, and Australia has leapfrogged Singapore into fourth place, recovering after dropping to fifth place in 2015. Australia’s improved position reflects the changes taking place as part of the implementation of the new Australian Cyber Security Strategy.

This includes the appointment of Australia’s first ministerial level cyber position (Minister Assisting the Prime Minister The Hon. Dan Tehan) and a new coordinator within the Department of the Prime Minister and Cabinet for government for cyber issues (Alastair MacGibbon).

Cyberspace and armed forces: The rationale for offensive cyber capabilities

Aserious approach to military modernisation requires countries to equip, train, and organise cyberforces for what has become an essential component of national defence and deterrence. A force without adequate cyber capabilities is more dangerous to itself than to its opponents. As nations move forward in rethinking the role and nature of their military forces, and as they study the problems of organisation, doctrine and use of cyber operations, they need to:

  • develop the full range of military cyber capabilities with both offensive and defensive application
  • create a centralised command structure for those capabilities, with clear requirements for political-level approval for action
  • embed those capabilities in doctrine and a legal framework based on international law.

Cyber maturity in the Asia-Pacific Region 2015

The second edition of the International Cyber Policy Centre’s annual Cyber Maturity in the Asia Pacific is the culmination of 12 months research and analysis delving into the cyber maturity of 20 countries within our region. It is a usable, quick-reference resource for those in government, business, academia, and the wider cyber community who are looking to make considered, evidence-based cyber policy judgements in the Asia-Pacific. It provides a depth of information and analysis that  builds a deeper understanding of regional countries’ whole of nation approach to cyber policy, crime, and security issues, and identifies potential opportunities for engagement. 

This years’ maturity metric contains five new countries and integrates a stand-alone assessment category on cybercrime enforcement. This new cybercrime category joins continuing assessments of whole-of-government policy and legislative structures, military organisation, international engagement and CERT team maturity in addition to business and digital economic strength and levels of cyber social awareness. This information is distilled into an accessible format, using metrics to provide a snapshot by which government, business, and the public alike can garner an understanding of the cyber profile of regional actors.

Cyber maturity in the Asia-Pacific Region 2014

To make considered, evidence-based cyber policy judgements in the Asia-Pacific there’s a need for better tools to assess the existing ‘cyber maturity’ of nations in the region.

Over the past twelve months the Australian Strategic Policy Institute’s International Cyber Policy Centre has developed a Maturity Metric which provides an assessment of the regional cyber landscape. This measurement encompasses an evaluation of whole-of-government policy and legislative structures, military organisation, business and digital economic strength and levels of cyber social awareness.

This information is distilled into an accessible format, using metrics to provide a snapshot by which government, business, and the public alike can garner an understanding of the cyber profile of regional actors.

Special Report – Compelled to control: Conflicting visions of the future of cyberspace

This report looks at the desire among states for greater control over the digital domain. It considers the convergence of controlling desires among the major cyberpowers and examines some of the main dynamics of the Russian and Chinese positions. Their positions are examined relative to each other and to the Western consensus.

The paper analyses the potential implications for the global internet and the impact that developing countries may have on the dialogue.

Tag Archive for: Cyber

Nothing Found

Sorry, no posts matched your criteria

Tag Archive for: Cyber

Cyber wrap

Canberra in AutumnIt has been a big week for cyber here in Canberra so this week’s edition is all about Oz.

The biggest news came on Thursday when Prime Minster Abbott travelled to the shores of Lake Burley Griffin to officially open the Australian Cyber Security Centre (ACSC). While the ACSC has already been working behind the scenes, the long-awaited official opening comes 23 months after the Centre was first announced in January 2013, by PM Julia Gillard.

The Australian Cyber Security Centre aims to bring together operational cyber capabilities from across government to improve coordination and cooperation. The Centre will be governed by an Attorney-General’s-led Cyber Security Operations Board, but will include elements from Defence, the Attorney-General’s Department (AGD), CERT Australia, the Australian Security Intelligence Organisation, the Australian Federal Police, and the Australian Crime Commission. Major General Steve Day will serve as the Centre’s inaugural coordinator. For a good read on how the ACSC fits into the larger Australian cybersecurity space, take a look back at our Special Report on the emerging agenda for cybersecurity. Read more

Cyber wrap

Belgacom, Belgium's national telco, has alleged that Britain's GCHQ was involved in a man-in-the-middle attack on its infrastructure that has left it with a €15m fix.A month after purring down the line to UK PM David Cameron over the outcome of the Scottish independence vote, the Queen has decided to cut out the middle man and go straight to the world. HRH exhibited her openness to the information age by tweeting the opening of the Information Age exhibition at London’s Science Museum. The resulting celebrity tweet got the usual treatment—lots of retweets, favourites and, inevitably, abuse. Cue the ‘One is not amused’ headlines.

Speaking of middle men, Apple has issued an update in response to reports early last week from GreatFire.org that the Chinese government was engaging in man-in-the middle attacks on iCloud. If successful, the attacks would enable the perpetrators to decipher and monitor communications between two devices and alter messages if desired. The warning comes shortly after the release of the iPhone 6 in China, which apparently had its encryption boosted to keep the NSA out, and it’s possible that might also be vexing Chinese authorities. Read more

Cybersecurity by executive order

President Barack Obama delivers the State of the Union address on 12 Feb 2013. Earlier that day he had signed Executive Order 13636, aimed at improving critical infrastructure cybersecurity.

Today ASPI has released a Strategic Insight on President Obama’s cybersecurity executive order. The report breaks down the challenges, criticisms, and successes of the effort to date, before offering clear lessons from the US experience that can be applied to the Australian context. Here’s the executive summary:

On 12 February 2014, the US National Institute of Standards and Technology (NIST) released the Framework for Improving Critical Infrastructure Cybersecurity, the flagship accomplishment of the Obama administration’s 2013 cybersecurity Executive Order. Just weeks before the White House announced the order, the then Australian Prime Minister Julia Gillard made an equally exciting declaration introducing the Australian Cyber Security Centre (ACSC). One year on, the contrast between the two efforts is stark.

Facing years of congressional inaction on cyber issues, President Obama chose to take executive action on this critical national security issue. Executive Order 13636 set in motion a range of cross-governmental efforts to drive improvements to America’s critical infrastructure cybersecurity, with an emphasis on public–private partnerships. Read more

Remembering roles and responsibilities in big data, cybersecurity

Last week, David Schaefer introduced an interesting new dimension to the big data debate developing on The Strategist, that of cybersecurity. With defenders of metadata collection hammering home the counter-terrorism angle, the future utility of this type of surveillance for an equally pressing cyber threat has indeed been woefully overlooked. In fact, big data collection to identify anomalies indicative of cyberattacks or for forensic investigation already represents a highly lucrative business model for many IT companies. It’s also arguably a far more effective use of big data than counter-terrorism. But while metadata is a highly effective tool in this regard, the critical question is to what degree the governments should even be involved in protecting private cyber infrastructure.

Read more

Polarised cyber perspectives in the Asia-Pacific: what’s the ARF to do?

This post will be the first of a three-part series based on my participation in an ASEAN Regional Forum (ARF), hosted jointly by the Chinese and Malaysian Governments in Beijing. The intriguing title of the workshop was ‘Measures to Enhance Cyber Security—Legal and Cultural Aspects’. I’ll come back to why that’s so interesting in my third post, as it appears that the cultural aspect of the debate has caused a great deal of heated discussion amongst state representatives. But more of that later. My first two pieces will give a flavour of the thoughts I put forward in my address to the ARF.

In my first post on The Strategist I looked at the divisions that exist between the various states that are contesting cyberspace and suggested that there was a divided road ahead in terms of how cyberspace is governed in the years to come. Broadly speaking, the Western liberal democratic states of US, Australia, Canada, UK and Western Europe are on one side of the debate, and the roughly aligned Chinese, Russians and a collection of former Soviet states are on the other. But the picture in the Asia–Pacific region isn’t as clear cut and it’s far from easy to determine exactly where nations align or compete. Read more

Cyber wrap

cyber logoWelcome to the first weekly roundup of cyber security news. Each week we’ll be providing a list of selected articles on cyber threats, policy developments and technologies from around the world so that policy makers, industry figures and the public can keep more broadly informed on what’s taking place in this rapidly evolving area.

The biggest news of the week is the first meeting of the US-China Cyber Security Working Group, which is intended to act as a preliminary meeting to an annual high-level forum between the two heavyweights. To be a fly on the wall at this meeting would prove interesting, after a year of US anger at Chinese infiltration of its systems and theft of important defence information. Yet, one can sense that there would be more than a few questions raised from the Chinese about the US ‘Prism’ programme and claims from whistle-blower Ed Snowden that the US has been combing through Chinese systems as well as those of many of its allies. Watch this space to see how this dialogue progresses. Read more