The cybersecurity resilience of Australia’s critical infrastructure operators is now a mainstream issue.
Significant cyber attacks on Optus, Medibank and Latitude Financial in the last year have shown just how devastating such an incident involving critical infrastructure can be, with millions of Australians impacted.
The federal government has also recognised the importance of this space, with the Security of Critical Infrastructure regime now off the ground, imposing a range of new obligations on critical infrastructure operators across 11 industry sectors.
These sectors include electricity, communications, data storage and processing, financial services, healthcare, higher education, space tech and defence industry.
The new obligations include the maintenance of a critical infrastructure risk management program, and a framework for enhanced cybersecurity obligations for operators of infrastructure deemed to be of national significance.
Critical infrastructure is increasingly being targeted by malicious cyber actors, with up to a quarter of all cyber-attacks in Australia targeting these operators, and the impacts of these breaches can be far more significant than other attacks.
Along with the government reforms, organisations are now looking for the solution to mitigating these significant cyber threats and critical infrastructure operators are working together to fight this growing threat.
David Sandell is the CEO and managing director of the Critical Infrastructure Information Sharing and Analysis Centre (CI-ISAC), which is driving a community-based approach to uplifting cyber defences and combating this rising danger.
In this episode of the Commercial Disco podcast, Mr Sandell described how the CI-ISAC is working with the federal government to promote threat information sharing across the board, how it is aiming to assist small businesses and the current threat landscape for critical infrastructure operators.
CI-SAC is a non-profit organisation aiming to bring companies together to discuss the growing cyber threat, Mr Sandell said.
“Fundamentally we wanted to bring together industry in a safe, trusted environment to share information on cyber threats,” he told the Commercial Disco podcast.
“That’s the headline — the reason we wanted to do that is to help them work together to more effectively manage their cyber risk.”
The centre helps to collate the information and interpret it for the participating firms.
“There’s a lot of information out there, lots of people will try to sell you threat intelligence and every second cybersecurity product is going to be talking about threat intelligence,” Mr Sandell said.
“You need to relate that to your own environment — not every threat is something you need to worry about.”
This is especially beneficial for smaller players that might not have the resources to do this internally, but are still just as vulnerable to a cyber attack, he said.
“A lot of critical infrastructure providers just don’t have the resources to make sense of what’s out there to do anything about it,” Mr Sandell said.
“We wanted to pull together that information, sharing elements, and then really beef up the analysis centre side of things, which is your central organising functions that actually add value and context and make sense of threats, and get that out in a way that is usable by the broad membership.”
The CI-SAC is engaging with the federal government and aiming to complement existing initiatives such as the Trusted Information Sharing Network, which involves members meeting regularly to share information on threats.
The centre also gets information from industry on a daily basis, and then “augments and enriches” this data to provide useful, usable intel to its members.
The CI-SAC is aiming to have members across the spectrum of company size and the 11 sectors covered in the critical infrastructure regime, with a particular focus on SMEs.
“There’s a lot of entities that just don’t have anything – they don’t have the resources or the ability to understand what to do. And that’s really the space that we want to be focusing on, and why we structured things in the way we have where we can bring in those mature players,” he said.
“This is non-profit, we’re doing this because we care about the mission and actually uplifting Australia’s cyber defences. There is no commercial upside for anyone involved in this — we want to be building this ecosystem in a sustainable way.”
Do you know more? Contact James Riley via Email.