Australia should appoint cyber security czar

Yahoo!7, ninemsn and Microsoft Australia say cyber security czar or ombudsman could better coordinate government and industry activities

The creation of an Australian cyber security czar or ombudsman is needed, but would be of limited use in the promotion of greater online security, a Senate inquiry has heard.

Ninemsn's compliance, regulatory and corporate affairs director, Jennifer Duxbury, told a committee hearing into cyber safety that there were already government agencies responsible for cyber safety issues, such as the Australian Federal Police and the Australian Communications and Media Authority.

“If there was to be an [cyber safety] ombudsman, one of the challenges would be the fact that a lot of cyber safety issues can be offshore, so there is a jurisdictional challenge there as to how an ombudsman would actually deal with complaints which deal with, for example, inappropriate offshore material,” she said.

Microsoft Australia chief security advisor, Stuart Strathdee, said a lot of work was already being carried out on cyber safety but an ombudsman or czar could contribute to greater direction and coordination of existing efforts.

“I think leadership is what’s critical, so we need to get a body or individual in place which demonstrates that they have pulled all of the data together and they are going to focus on two or three key areas and really demonstrate leadership,” he said.

Yahoo!7 legal and policy director, Samantha York, said having a central point of contact through which industry could channel its energy would be beneficial.

“I’d like to avoid yet another person being empowered to deal with these issues without addressing the fact there is already a number of disparate work streams taking place,” she said.

“I hope the aim of creating such a role would be to coordinate all those efforts across departments.”

The idea of a cyber security czar has been floated for some time.

In late 2009, Symantec’s global CIO, David Thompson, said such a role could be of major benefit to the Australian government as it looks to increase the security of government infrastructure and data.

“Government leaders need to take responsibility for making [security] a top priority and protecting their infrastructure,” he said at the time.

“Also, appointing individuals to head those initiatives up, otherwise your efforts are spread so thin across so many areas that your really don’t get the value.

"It’s an area that needs increased focus, but also increased spending to secure and manage our government entities.”

Follow Tim Lohman on Twitter: @tlohman

Follow Computerworld Australia on Twitter: @ComputerworldAU