“I told Rex Tillerson, our wonderful Secretary of State, that he is wasting his time trying to negotiate with Little Rocket Man… Save your energy Rex, we’ll do what has to be done!”
– US President Donald J Trump, @realDonaldTrump Twitter posts, 10:30am & 10:31am, October 1, 2017
As the threat escalates of nuclear war with North Korea and an increasingly recognised Cold ‘Cyber’ War between the USA and China and Russia, there is a glaring gap in Australia’s policy in regards to the national security industry.
Government initiated segregation is supporting cyber security and defence industries, whilst at the same time closing institutions, such as the Protective Security Training College. The departure from recognising physical security, in a cyber-physical environment is apparent and appears as a knee-jerk policy panic. The calls for collaboration are contradicted with a focus on silo security sectors. Indeed, even the Australian Government funded Australian Cyber Security Growth Network, has changed its name within months of its launch, now just ‘AustCyber’, dropping what ‘were’ key words of ‘security’, ‘growth’ and ‘network’.
For two decades, security industry groups have repeatedly called for policy and legislative reform to state based regulations. Yet they have been ignored. There is no shortage of evidence showing Industry support, so any self-claimed ‘Industry-led’ group, funded by the Federal Government, better have the right intentions. Yet, will they recognise the cyber-physical security domain? If physical security continues to be sidelined in a cybersecurity discussion, those pushing ‘only cyber’ can hardly have ‘security’ credibility or genuine intent. The security industry, as a whole, needs to generate and continue vigorous debate and firm discussion of the necessary policy and regulations needed in a digital, dangerous environment, where threat actors increasing gain foothold and create opportunity for themselves. To say cyber threat actors don’t engage with or circumvent physical security frameworks of an enterprise is ill informed and demonstrates a lack of capable threat modelling…Click HERE to read full article.
