Cyber wrap
15 Oct 2014|

blue boardLast week the government launched the third update to its cloud computing policy. In what’s being dubbed the ‘Cloud First’ policy, agencies and departments are now required to first consider cloud computing before traditional storage and networking. But it comes with the caveat that it must meet the agency’s IT requirements, provide adequate data protection and remain cost effective.

The announcement is set to please Microsoft, which last week had its Azure cloud service approved by the ASD’s Industry Security Registered Assessors Program. Azure is the first public cloud service to successfully pass the assessment.

Others are less pleased, arguing that ‘Cloud First’ policy lacks clear centralised leadership and specific targets, and without increased budgetary funding will fail. Only time will tell how well the new strategy is taken up.

President Obama has devised a solution to his own cyber policy woes according to White House cyber czar Michael Daniel. In an attempt to pass its latest batch of cyber security legislation through a hostile Congress, the Administration will now seek to break the bill into smaller pieces, allowing the passage of specific proposals that already have bipartisan support.

The White House is seeking to amend legislation to allow the Department of Homeland Security to work closer with the private sector on cybersecurity issues. But Daniel admitted that the new changes were unlikely to pass this year, and will face the new Congress in 2015.

Daniel’s comments were made at a Christian Science Monitor Q&A session where he spoke on several topics including killing the password as a form of authentication, data privacy and critical infrastructure protection. Watch the full event here.

China is upset at the United States again, this time for comments made by FBI chief James Comey who told 60 Minutes in a recent interview:

There are two kinds of big companies in the United States. There are those who’ve been hacked by the Chinese, and those who don’t know they’ve been hacked by the Chinese.

Clearly not a fan of the interview, Chinese Foreign Ministry spokesman Hong Lei labelled the allegations ‘fake’ and called on the US to stop attacking other countries.

Google announced this week that it’s tipping $60 million into a new submarine cable linking Boca Raton, Florida to the Brazilian cities of Santos and Fortaleza. The new link is set to boost slow internet speeds in Brazil and is backed by telcos and operators from Uruguay and Africa

Sources within the South Korean military have hinted at a pivot in the way their cyber command tackles cyber intrusions. Apparently sick of playing defence, the group is said to have now switched to ‘proactive operations’ whereby they’ll pre-emptively locate and attack websites they believe to be potential hosts of future attacks. The move is likely to be in response to the dramatic escalation in the number of infiltration attempts and defacements experienced by the government in recent months; 1,202 were recorded in the first 9 months of this year, up from 595 last year.

Finally for this week, ICPC International Fellow Jim Lewis has outlined a different approach to quelling the cyber wild west: an international Internet accord in the style of the Bretton Woods agreement. You can read his interesting piece in the Washington Post here.

Jessica Woodall is an analyst in ASPI’s International Cyber Policy Centre. Image courtesy of Jeff Jackowski.