Australia's incumbent telco Telstra is calling upon the government to take the pulse of Australia's cyber posture, by way of a national stocktake and cyber check survey.
In a submission to the Department of Home Affairs review of the national 2020 Cyber Security Strategy, Telstra said the Australian Cyber Security Centre (ACSC) should know the current state of cyber throughout the economy.
"We believe a ground-up 'national stocktake' is required, using a more comprehensive range of data points," Telstra said.
"This stocktake should cover end users, small businesses, and large companies, and where possible include data from existing law enforcement and government reporting, such as ScamWatch and the ACSC's recent Small Business Survey."
The telco added that industry should provide advice on how to contribute "anonymised and meaningful data", since businesses have the "most coherent and detailed view" of threats they deal with.
The telco added that the ASX 100 Cyber Health Check Report released in April 2017 be repeated, and proposed the survey be split between strategic questions to boards, and technical questions to CISOs and cyber teams.
The sharing of threat information within Australia needed improvement, Telstra said.
"Challenges continue to face operational information sharing in Australia, due to a reliance on individual relationship-based sharing rather than more resilient operationalised arrangements," it wrote.
The telco proposed a number of recommendations to improve communication within industry and from government to industry, which included the use of Slack groups curated by ACSC.
At the most recent Senate Estimates, the ACSC was unable to answer the question on whether the Slack channel it was using for threat indicators was encrypted. As of November, the question remains officially unanswered.
As part of the Cyber Security Strategy review, an industry advisory panel has been formed. Chaired by Telstra CEO Andy Penn, the panel also includes chair of Vocus Group Bob Mansfield, former Telstra CFO and now Tesla chair Robyn Denholm, CEO of Northrop Grumman Australia Chris Deeble, and NBN chief security officer Darren Kane.
Home Affairs Minister Peter Dutton said Penn was "incredibly well qualified" to chair the group and has a "deep knowledge of the cyber risks". Penn's background is in accounting.
"I want to thank the Australian community for their enthusiastic participation in the consultation so far," Dutton said.
"More than 1,000 people attended a consultation event in person, and my Department received more than 200 submissions with more than 1,300 pages of written feedback. The government will carefully consider all of these views".
Other submissions have said the government should reinstate the position of Minister for Cybersecurity, and for clarification on the cyber roles various parts of government are responsible for.
Source: https://www.zdnet.com/article/telstra-calls-for-australia-to-undergo-national-cyber-stocktake/