Oh no, you're thinking, yet another cookie pop-up. Well, sorry, it's the law. We measure how many people read us, and ensure you see relevant ads, by storing cookies on your device. If you're cool with that, hit “Accept all Cookies”. For more info and to customize your settings, hit “Customize Settings”.

Review and manage your consent

Here's an overview of our use of cookies, similar technologies and how to manage them. You can also change your choices at any time, by hitting the “Your Consent Options” link on the site's footer.

Manage Cookie Preferences
  • These cookies are strictly necessary so that you can navigate the site as normal and use all features. Without these cookies we cannot provide you with the service that you expect.

  • These cookies are used to make advertising messages more relevant to you. They perform functions like preventing the same ad from continuously reappearing, ensuring that ads are properly displayed for advertisers, and in some cases selecting advertisements that are based on your interests.

  • These cookies collect information in aggregate form to help us understand how our websites are being used. They allow us to count visits and traffic sources so that we can measure and improve the performance of our sites. If people say no to these cookies, we do not know how many people have visited and we cannot monitor performance.

See also our Cookie policy and Privacy policy.

This article is more than 1 year old

Australia on the very brink of cyber-geddon, says ex-spook

Not really, says the document he was launching

Blood will flow in the streets, human entrails will adorn our flagpoles, and zombies are on the way to eat our brains, according to one of the architects of fortress Australia.

As well as promising cyber jihadist attacks, former Australian Security and Intelligence Organisation (ASIO) boss David Irvine, whose credits include long advocacy for the data retention regime that was enacted by the government this year, also told the country our “cyber maturity” has slipped.

Actually, it hasn't, in spite of the hyperventilation that a superannuated spook should warn us about “terrorists” developing “destructive attack capabilities in the near term”.

Irvine was launching this document by the Australian Strategic Policy Institute, which has been widely – and wildly inaccurately – cited as saying that Australia's cyber security is slipping.

It's not, it's just that the breathless community of national security reporters didn't bother to read the report (which is probably worth its weight in cybers, given the woeful inadequacy of political and administrative clue in Canberra).

Australia's score in the Australian Strategic Policy Institute's Cyber maturity in the Asia-Pacific Region 2015 rankings rose slightly between 2014 and 2015; so did some other countries, three of them slightly further than Australia's.

In other words, if you accept the basis of the ASPI's assessment, Australia gained slightly in its cyber maturity, as did every country on the list except North Korea, Myanmar and Papua New Guinea.

The change in Australia's readiness, a score-improvement of 4.1 was pretty close to the average for all the nations that are present in both the 2014 and 2015 assessments (score change of 3.9), and similar to Indonesia, India, and the United States.

Here, however, is the stinger: in spite of Irvine's apocalyptic vision (which The Register has heard from natsec types ever since Richard Clarke told the world planes were about to drop out of the sky ... in 2001) doesn't speak to the actual content of the ASPI report.

The report is an assessment of policy, administrative, and to a degree, enforcement arrangements. To quote from the report:

“‘Maturity’ in this context is demonstrated by the presence, effective implementation and operation of cyber-related structures, policies, legislation and organisations. These cyber indicators cover whole-of-government policy and legislative structures, responses to financial crime, military organisation, business and digital economic strength, and levels of cyber social awareness.”

The ASPI document is a policy document; that's its purpose and value. It's not a technical assessment – it does not, for example, tell us how hard it would be to get from an iPhone in Syria to an electricity generator's control system at the thermal coal plant in bucolic Wallerawang. ®

Similar topics

TIP US OFF

Send us news


Other stories you might like