Australian Government fortifies critical infrastructure

Australian Agencies agree to leave Chinese-owned Global Switch.

To support the Australian Government’s plan for Australia to become a world-leading digital economy over the next decade, Home Affairs will work with Government agencies, businesses, and the community to further enhance cyber security measures and protect critical infrastructure. The Department is responsible for:

  • The Surveillance Legislation Amendment (Identify and Disrupt) Bill 2020, which is now before the Joint Committee on Intelligence and Security that is focussed on the security risks which arise from the increasingly pervasive use of anonymising technologies;
  • The Security Legislation Amendment (Critical Infrastructure) Bill 2020, also before the Joint Committee, includes reforms to protect critical infrastructure and enable Government assistance to industry in the context of the most serious likely cyber-attacks on national systems;
  • The modernisation of the Surveillance Devices Act, Telecommunications (Interception and Access) Act and those parts of the Australian Security Intelligence Organisation Act governing the use of computer access and surveillance device powers as recommended by the Richardson Review–the Comprehensive Review of the Legal Framework of the National Intelligence Community.
  • Digital identities constitute an essential component of trust in online transactions. Home Affairs is working with the Digital Transformation Agency and other partner agencies to support the government’s digital identity program. This program will make available trusted digital identities for use in accessing government services online. As one element of this work, the Department is working with states and territories to complete the rollout of the Face Verification Service–subject to the passage of the Identity-matching Services Bill 2019.  The Bill has also been referred to the Joint Committee.

According to Michael Pezzullo Secretary, Department of Home Affairs the nation contends with parallel and concurrent strategic challenges, including (but not limited to) a global pandemic; extreme weather events; cyber-attacks; ideologically- and religiously-motivated violent extremism; risks to supply chains, telecommunications and critical infrastructure; espionage and foreign interference; deliberate disinformation campaigns; and misinformation which races around the world before truth has even tied the laces of its runners.

The establishment of the modern department was never about operational and tactical coordination, for instance in relation to counter-terrorism operations, where ASIO and the AFP possess a deep reservoir of professional skill and expertise.

It was always about long-term strategy and planning, and strategic coordination across a range of issues which see an intersection of security, economic and/or social policy interests, and where there is no clear departmental lead. In the era of the ‘grey zone’ between peace and war, of state competition, which is below the threshold of confrontation and conflict, and where some non-state actors are increasingly taking on state-like features and capacities, democracies can choose either to have such a department in place or be forced into creating such a department by force of circumstance.

Recently ITNews revealed Pezzullo told a senate estimates hearing in late March 2021 that most remaining agencies, including the Department of Home Affairs, had agreed to depart the Chinese-owned facility by that time. The department runs the multi-agency program management office that is co-ordinating the government’s exit from Chinese-owned Global Switch, originally planned for late 2020.

Pezzullo revealed the Australian Securities and Investments Commission (ASIC), the Australian Digital Health Agency and the Australian Communications and Media Authority (ACMA) have all agreed to leave the Chinese-owned data centre company by 2022.

However the Department of Defence will not be one of the agencies leaving Global Switch just yet, although Greg Moriarty, Secretary of the Department of Defence stated all of the most sensitive data was removed from this facility in May 2020.

Moriarty stated Defence has comprehensive security controls in place at the Global Switch Ultimo data centre to protect against compromise by a foreign power or other malicious actor. Control and access of the Defence data stored at Ultimo remains under full operational control of the Australian Government.

Consistent with the Whole‑of‑Government Hosting Strategy, Defence is taking a rigorous, risk based approach to migrate the remaining less sensitive data assets to an alternate data centre.

The Foreign Investment Review Board (FIRB) has in place strict foreign investment conditions on the operations and security of Global Switch Ultimo since the initial transaction. In some cases, foreign investment conditions could include restrictions on the involvement of non-Australian citizens and additional security requirements on individuals involved (such as security vetting). The FIRB’s compliance team monitors Global Switch’s adherence to the FIRB conditions on an ongoing basis.

The Australian Government has also announced and legislated the most comprehensive reforms of Australia’s foreign framework. Critical to those is the national security test requiring mandatory notification of investments in sensitive national security land and businesses. As a last resort, the Treasurer can review actions for which approvals have been given, if exceptional circumstances arise. The protections that were put in place as a condition of that approval means, if they are not adhered to, the Treasurer has the power to act in the national interest and intervene.

The strength of Australia’s foreign investment rules and the fact that Defence retains full operational control of its data at the Ultimo facility provides the highest level of assurance of Defence’s data as we complete the migration of the remaining Defence ICT assets.

 

 

 

 

Tags:

Leave a Comment

Related posts