By Paul Hemsley

Topics included cyber and e-security, strategies, government transparency, privacy, and local government security.

Director of E-Security Strategic Projects at the Attorney General’s Department David Campbell said local government manages a lot of critical infrastructure systems in security.

“Those people have been working with us for quite some time and they understand it,” Mr Campbell said.

Mr Campbell said cyber security is a much wider and global issue and the only way to address that is for governments, departments and businesses to “work together”.

“I don’t think this concept of the ‘island nation’ exists on the internet and that was the core of the Attorney General’s message,” Mr Campbell said.

According to Mr Campbell, businesses and governments need to invest more in the people they train to work in the systems to increase knowledge and education in cyber security.

First Assistant Secretary of the Cyber and Information Security Division at Defence Signals Directorate Mike Burgess said industry partners are important and are seen in four key areas, probability, vulnerability, capability, and capacity.

“Industry is about capability, they can do things that we can’t and don’t want to do,” Mr Burgess said.

The Cyber Security Operations Centre is set up to give government an understanding of the threat and coordinate operational response when there is a “major significant cyber event”.

“When that happens, that will not be government working on it, we’ll be picking up the phone to our trusted industry colleagues and they will be very much a part of any response to some major event that’s affecting us nationally,” Mr Burgess said.

According to Mr Burgess, Defence Signals Directorate has a number of relationships with the security industry because government alone cannot address the problems in cyber security because of the need to draw on external expertise.

Australian Information Commissioner John McMillan said as the amount of information held by government and industry grows, there is a greater pressure for responsible information management.

“The issue of balance always has to be struck in information management, drawing the right balance between secrecy and security in open government and particularly resource considerations on how information is disclosed,” Mr McMillan said.

“In striking that balance, it has to be remembered that there is pressure for openness or transparency that is strong, growing, international and irreversible.”

According to Mr McMillan, it is “likely” that government will be moving towards even stronger privacy protection giving the recent privacy tort on media as an example.

“There have been suggestions of imposing mandatory data breach notification on government agencies and industry, and there’s also the suggestion that the Australian Privacy Regime should have financial penalties added for agencies and businesses that breach privacy principles,” he said.

Mr McMillan said the 4A Framework, a tool for assessing enforcement of national security initiatives and giving consideration to privacy principles at the same time has been repackaged picking up four stages in ensuring proper privacy protection in a legislative program initiative in the national security and law enforcement area.

He said the stages are analysis, authority, accountability and appraisal.