AusCERT Replaced by CERT Australia for Government Services
Confusing names aside, the announcement earlier this month that the Australian Government would no longer be contracting services from AusCERT, the University of Queensland-based organisation, instead CERT Australia would be established by the government to provide those services, derived from its predecessor, GovCERT.
It appears somewhat strange that the Government has decided to establish what seems to be a parallel service provider, which is meant to be "the sole supplier of national CERT services to the community and the point of contact for international CERTs". There is several years of history behind AusCERT which will need to be overcome in order for this statement to become a reality. Comments from the current director of AusCERT suggest that the newly established CERT Australia would have a primary focus on critical infrastructure.
Based on the sort of issues that have been raised and managed through various global CERTs over the last few years, it would appear that AusCERT is still better placed to be the handler and processor of that information, even if CERT agencies don't really carry a lot of high profile or public awareness.
CERT Australia is just the latest step in the ongoing Cybering of Australian governmental agencies. In January, the Department of Defence established the Cyber Security Operations Centre (CSOC), and the CERT Australia announcement came at the launch of the National Cyber Security Information Exchange.
With the Commonwealth government pushing to be seen as a central hub for collation and dissemination of "Cyber Security Information", becoming a "trusted broker of information" and integrating with "national security and intelligence agencies", there is a lot of ground to cover in order to make itself relevant.
Is it all just window dressing? According to the Attorney-General, the online "global cyber-security environment" is getting worse, not better. The fact that it's just Information Security dressed up in a fancy new name (which sound like it should have been forgotten about in the early 90s) can't be hidden.
Unfortunately for the Government, it is highly probable that this new agency will have even less visibility and relevance than AusCERT and will go on to be a reactive bit-player in Information Security rather than the proactive leader they want it to be.
20 June 2010
Social bookmark this page at eKstreme.
Alternatively, Bookmark or Share via AddThis
Do you like how we cover Information Security news? How about checking out our company services, delivered the same way our news is.
Let our Free OS X Screen Saver deliver the latest security alerts and commentary to your desktop when you're not at your system.
Comments will soon be available for registered users.