Project Grey Goose and Security Trust Networks are discussed in Australian Parliament Committee hearing

Last Updated on Thursday, 1 October 2009 06:29 Written by Jeffreycarr Thursday, 1 October 2009 06:29

There’s a very interesting collection of expert testimony given before a committee of the Australian Parliament investigating  Australia’s cyber security problem that is now available online. In the snippet I posted below, one member of the House of Representatives Standing Committee on Communications, Ms Rea, seeks clarification of how a Security Trust Network like Project Grey Goose can become more formalized and assist the government in its detection efforts (a subject near and dear to my heart).

Ms REA—I am quite interested in these security trust networks. I know we have talked about them a bit, but what has been emerging, through the submissions we have received and the evidence given today, is that the whole issue around detection and, therefore, conviction of a crime, is probably the most difficult in this area—trying to find these people, and having domestic laws governing this when, in fact, it is an international crime and you may never be able to prosecute the criminal.

It is the first time we have actually heard of some sort of a system which has actually worked to at least be able to detect and find these people in a meaningful way. When you say that a group of interested parties can come together and achieve this, clearly there must be opportunities there for not just a government but collaboration between governments to be able to deal with this. Would you like to expand a bit on how these networks could actually become more formalised and effectively become detection agencies, if that is what they would be?

The full Committee hearing includes testimony by representatives from AUSCERT (I didn’t know that Australia has one of the oldest Computer Emergency Response Teams in the world), and Telstra, among other companies. The above quoted section is in an exchange with a representative from Fujitsu Australia, for whom we’ve done some work earlier this summer.

A New and Very Ambitious Cyber Security Centre Opens in Belfast

Last Updated on Friday, 25 September 2009 09:11 Written by Jeffreycarr Friday, 25 September 2009 09:11

This is the brand new Centre for Secure Information Technologies (CSIT) at Queen’s University, Belfast, Ireland. According to BBC News, “the £30m Centre for Secure Information Technologies (CSIT) at Queen’s will become the UK’s principal centre for the development of technology to counter malicious ‘cyber-attacks‘.

One of the most ambitious projects, according to the BBC news report, is CSIT’s plan to develop real-time, automated monitoring of the UK’s 4 million CCTV cameras’ feeds. I’m not an engineer, but it seems to me like that would be quite a neat trick if they can pull it off.

The other statistic that I found startling is that an estimated 97% of the UK’s businesses “rely on the Internet and other IT systems.” Talk about identifying a vulnerability in a potential adversary. No wonder so many governments and non-state actors are engaging in cyber attacks for various purposes. It’s the new “great equalizer”.

In fact, I am SO making this tee shirt: God made men but Vint Cerf made them equal. Now I just need to find a suitable graphic replacing John Colt’s Peacemaker with something representing the Internet.

Raytheon looks to hire “Cyber Athletes”

Last Updated on Sunday, 2 November 2008 09:56 Written by admin Sunday, 2 November 2008 09:56

Excerpted from the Washington Business Journal (empasis added):

Raytheon Co. has 150 slots open in the area — mainly in Falls Church — and the Waltham, Mass.-based company plans to fill those posts in three to four months. By the end of 2009, that number will be 250.

Described as “cyber athletes” on job search sites, the junior- to senior-level candidates are people who get “jazzed by the exercise of using hand-eye coordination for tackling complex problems,” says Steve Hawkins, vice president of information security solutions at Raytheon. “Engineers who drink Red Bull and Mountain Dew by the caseload to fight the digital cyber war,” are welcome.

Why the need for more cyber help? Raytheon has taken three cyber companies under its wing in the past year, and due to an increase in — and severity of — data breaches, cyber security funding for the coming fiscal year will go up 10 percent to $7.3 billion. That is a 73 percent increase since 2004. Hawkins expects the biz to jump 15 to 30 percent a year.