Government data storage and cyber security provider Macquarie Government has become the first fully sovereign cloud company cleared to provide services to the defence department.

Companies are able to self-nominate for Defence Industry Security Program (DISP) certification, which is designed to ensure Defence goods and services are acquired from security-vetted supply chains.

To be eligible they must meet conditions around security, staff training and governance.

The membership means Macquarie can now submit for tenders relevant to its government, cloud, telecommunications and data centre services.

Certified Cloud Services List expires

It follows the expiry of the Australian Signals Directorate’s (ADS) certified cloud services list month, which left all prior certifications void.

A review of the Cloud Services Certification Program (CSCP) and Information Security Registered Assessors Program (IRAP) last July recommended winding up the CSC and creating new cloud security guidelines.

The decision, which was designed to support more home grown providers and cut red tape, also recommended enhancing the IRAP.

Macquarie Government CEO Aiden Tudehope says this potentially leaves government agencies without guidance as to which cloud providers are secure.

“Without the guiding hand of the CCSL, smaller agencies in particular will become increasingly reliant on independent assessments and validation of cloud service providers to make informed decisions,” he said.

“There’s a certification gap forming as CCSL ends and we await expansion to IRAP’s existing functions.

Government News understands an announcement related to certification changes will be made in coming weeks.

Beefed up powers for cyber security

Also this week, the Prime Minister  announced the nation’s cyber spy and security agencies will get a $1.35 billion injection to help ward off cyber attacks and expand the government’s cyber security workforce.

Scott Morrison on Tuesday unveiled the funding designed to bolster the ASD and the Australian Cyber Security Centre.

The Cyber Enhanced Situational Awareness and Response (CESAR) package,  the nation’s biggest ever cyber security investment, includes $31 million to help the ASD fight offshore cybercrime, $35 million for a new cyber threat-sharing platform and $12 million to block malicious websites and viruses.

More $118 million will go towards expanding data science and intelligence capabilities, and more than $62 million will help the ASD prepare for national cyber threats.

The ASD will also see the creation of 500 new cybersecurity jobs within the ASD, at a cost $470 million.

“This investment will significantly strengthen our agencies’ ability to tackle these threats,” Home Affairs Minister Peter Dutton said.

The remaining details of the package will be outlined with the release of the 2020 Cyber Security Strategy  later this year.

CESAR also forms part of a $15 billion investment  in cyber information and warfare capabilities that forms part of Defence’s 2020 Force Structure Plan released on Wednesday.

The announcement comes after the government last month revealed Australian government agencies at all levels had been targetted in cyber attacks by “a sophisticated state actor”.

Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at editorial@governmentnews.com.au.  

Sign up to the Government News newsletter