http://australianit.news.com.au/articles/0,7204,18214035%5E15319%5E%5Enbv%5E15306,00.html Jennifer Foreshew The Australian FEBRUARY 21, 2006 MORE than 90 per cent of Australia's critical infrastructure was operated by corporations that were expected to protect themselves against e-crime as well as terrorists and overseas attacks, a conference has heard. The public and private sectors were interdependent and relied on national and global networks to do business and provide day-to-day services, a cyber-terrorism expert said. Speaking at the Chief Information Officers City Summit in Sydney last week, Matt Warren said a well targeted cyber-based attack could disrupt water, power and food supplies, and bring society to a standstill. "Government is trying to persuade corporations to increase security on those systems," Professor Warren told The Australian. "However, companies are not being given any extra funds to do that. They are just asked to do it in the national interest." While businesses had a duty of care for their own organisational assets, they were now expected to plan for extraordinary security risks at a national level, he said. "The problem is they are not going to have access to the threat information, so it is hard for them to determine the security risks that they face." Professor Warren, who is head of Deakin University's School of Information Systems, said another issue was that many corporations were not Australian-owned. "In Victoria, there are electricity suppliers that are owned by Singapore companies," he said. "So there may be resistance to increase expenditure on security to protect Australia." Part of the problem arose from Australia's lack of a critical infrastructure protection centre to assist business, or a department of homeland security, he said. Prime Minister John Howard has rejected the idea of a department of homeland security, which was embraced by Labor at the last election. A single critical infrastructure protection centre could achieve better co-ordination between business, law enforcement, intelligence and security agencies, along with civil authorities and defence organisations, he said. Australia should also draw on the experience of Canada, New Zealand, Sweden, Britain and the US, which had all established such a co-ordination centre, he said. "The reality is that Australia could not react to an incident in real-time," he said. "The number of government organisations involved creates complex decision-making and wastes resources." _________________________________ InfoSec News v2.0 - Coming Soon! http://www.infosecnews.org
This archive was generated by hypermail 2.1.3 : Mon Feb 20 2006 - 22:55:41 PST