Australia needs a national security cloud: ASPI


By Dylan Bushell-Embling
Thursday, 11 June, 2020

Australia needs a national security cloud: ASPI

Australian national security agencies must develop a national security cloud and finally catch up to the private sector in terms of cloud adoption, according to the Australian Strategic Policy Institute (ASPI).

In a new report, ASPI argued that agencies’ slow adoption of cloud services due to initial concerns about the security of cloud technology have left them years behind the adoption curve.

“For agencies that rely on cutting-edge high technology for their capability edge, this is disastrous,” the report states.

“Unless it’s addressed rapidly and comprehensively, Australia will quite simply be at a major disadvantage against potential adversaries who are using this effective new technology at scale to advance their own analysis and operational performance.”

Australia will also fall further behind its allies, ASPI said, arguing that the US national security community has a lead of at least five years over Australian partner agencies.

This change must be driven by ministers and agency heads rather than CIOs and security staff, ASPI said.

“That’s because security accreditation standards and processes can’t lead technological change. By definition and by design, security standards are lag controls, based on what’s already understood and formed from experience with past and present technical systems,” the report states.

“Ministers and agency heads have both the responsibility and perspective to look beyond the important current technical security standards and rules and think about the capability benefit that cloud computing can bring to Australia’s national security.”

Accordingly, ASPI has called for the government to commit to major investments in cloud infrastructure and services for Australian intelligence agencies as part of any government stimulus to Australia’s digital economy.

“The intelligence community needs to make this shift as a community, not as a rag-tag band of loosely coordinated agencies with agency heads making separate risk-based decisions,” the report adds.

“This means avoiding the non-strategy that’s the Digital Transformation Agency’s Secure Cloud Strategy, which takes exactly that Balkanised approach to investment decisions.”

This collaboration should involve the development of a national security cloud that has agencies’ interoperability as a core principle, ASPI said.

“The most powerful cloud infrastructure and applications are useless without the fuel they need to operate — data. So, the maximum data needs to be brought into the national security cloud by each agency in the intelligence community,” the report states.

“This is rice-bowl territory, so the decisions will be divisive and difficult, but national capability, not agency fiefdoms, needs to be the overriding interest.”

Another key attribute for the national security cloud must be security. Information hosted on the cloud must be protected from both state and non-state cyber actors who are already targeting Australian government systems.

As a result, data must be hosted onshore, and security must go beyond personal and system security to include the resilience and integrity of the supply chains that cloud infrastructure and service providers rely on to produce their products.

“This is a newly obvious priority exposed by the vulnerabilities we’ve seen in global supply chains through the pandemic — and high-technology supply chains are particularly exposed to Chinese state influence unless security is a design principle baked in from the start,” the report states.

ASPI also advised against what it anticipates as a tendency to adopt cloud infrastructure at the lower levels of classification first before more highly classified data.

The institute argued that combining valuable top-secret information with the huge trove of lower classification and open-source data is a source of distinctive advantage that agencies can offer the government.

“So, failing to incorporate highly classified data holdings with the analytic horsepower and flexibility that cloud infrastructure and applications bring would be a bit like adopting jet propulsion for reconnaissance aircraft during World War II but sticking with piston-engine aircraft for your fighter fleet, even as your enemy chooses otherwise.”

Image credit: ©stock.adobe.com/au/natali_mis

Related Articles

How surveillance cameras facilitate a smarter and safer world

As Australia's population continues to grow, surveillance technologies will be crucial to...

Adapting to new cybersecurity challenges: a roadmap for Australian government agencies

Given the rise in cyber threats against government networks and critical infrastructure sectors,...

Growing fraud trends in Australian health care

As the healthcare landscape evolves, so do the methods of fraud.

Content from other channels on our network

'Curving' light beams could enable terahertz comms

Panasonic offers private 5G network testing in Munich

Antenna upgrade enables better sewer management

60 million Aust drone flights predicted for 2043

The fire on Marley's Hill

EV future for Monash Uni

Shell Cove battery launched on NSW South Coast

Million-dollar rooftop solar for Kimberley hospital

Protecting wildlife from electrical assets — and vice versa

Immersive VR training for electricians

Australian regions with high cardiac arrest rates and low CPR: study

Australia is getting good value for health dollar: report

Medical drone project to service rural, remote Australia

Specialised LGBTQ+ health service to open in NSW

Hospital teams with intersecting roles more effective: study

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd