ASD sees "frequency, richness" of cyber info sharing fall away

By

Reinforces the need to set up new trusted info exchange mechanisms.

The Australian Signals Directorate has lamented a decline in the “frequency and richness” of cyber incident data shared with it by the private sector, underlining - it says - the importance of restoring trusted channels for information exchange.

ASD sees "frequency, richness" of cyber info sharing fall away

In a parliamentary submission [pdf], the ASD makes its pitch for a so-called “limited use obligation”, an idea floated in last year’s federal cyber security strategy that could encourage cyber incident disclosure to the ASD and the national cyber security coordinator.

The information would be subject to restrictions, both in terms of who else can see it and in what it can be used for; the idea being that it would not be used against the sharer, such as to impose financial penalties.

In the parliamentary submission, the ASD said it faced “a decline in the quantity and quality of cyber security reporting.”

“Both feedback from industry and ASD’s operational experience bears out a steadily declining willingness to share information in a timely fashion among entities affected by cyber vulnerabilities or attacks,” the directorate wrote.

“ASD has observed a decrease in the frequency and richness of cyber incident reporting from the private sector, particularly critical infrastructure operators. 

“This means [both] a decrease in reporting about emerging cyber risks or vulnerabilities, which affects our ability to prevent incidents before they occur or minimise harm in the early stages of an incident; [and] a decrease in technical information, which allows us to understand national cyber threat trends and prevent further incidents.”

The ASD noted that the change was partially driven by growing regulation of industry responses to cyber security, which is driving “a more compliance-based approach from these entities as they assess their reporting requirements against regulatory rules.”

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:

Most Read Articles

Macquarie Uni to spend up to $700m on 10-year digital transformation

Macquarie Uni to spend up to $700m on 10-year digital transformation

Nissan A/NZ's outsourced cyber incident call centre breached

Nissan A/NZ's outsourced cyber incident call centre breached

Digital ID bill passes parliament

Digital ID bill passes parliament

Macquarie's banking CISO headed to Endeavour Group

Macquarie's banking CISO headed to Endeavour Group

Log In

  |  Forgot your password?