Appendix A: Industry Knowledge Priorities

by acsgn_admin

Appendix A: Approach to developing knowledge priorities

Knowledge priorities have been developed in line with the current and foreseeable needs and opportunities for industry research and commercialisation in the Australian cyber security industry. They will be used to inform the activities of the ACSGN as it works with industry and the research community to improve research focus, collaboration and commercialisation performance. This includes engaging with stakeholders in existing cyber security focus areas to develop cyber security capabilities in Data61 and the Defence Science and Technology Group, as well as in universities across Australia. ACSGN will use its nationwide networking expertise to work towards maturing Australia’s cyber security ecosystem and also rely on Data61’s existing arrangements with Australian universities on research and commercialisation.

The knowledge priorities for Australian cyber security have been developed based on a literature review of existing research focuses and consultations with stakeholders as part of the development of this Sector Competitiveness Plan. The major documentary sources are the Australian Government’s Science and Research Priorities and the CSIRO’s report Enabling Australia’s Digital Future: cyber security trends and implications.

Knowledge priorities

1. Emerging prevention, detection and response technologies

    1. Prevention: New ways of supporting the nation’s cyber security by discovery and understanding of threats, vulnerabilities and opportunities
      1. Being dynamic and pro-active with approaches to identifying vulnerabilities, including tools to better predict malicious actor drivers and behaviour
      2. Prioritising risks in order to maximise the value and impact of prevention efforts
      3. Classifying these vulnerabilities
        1. Exploitation by malicious actors
        2. Non-malicious events such as natural disasters, equipment failure and human error
      4. From this, developing national resilience, including
        1. Encryption of data
        2. Distributed storage systems that mitigate the impact of a breach
        3. Improved user behaviour
    2. Detection: Discovering and assessing intrusions
      1. Determining which technologies can be used to discover intrusions, and developing methods to differentiate this activity from normal human/machine behaviour
      2. Developing methods to detect a breach even if nothing has been affected yet
      3. Developing technology to increase the frequency of audits without hampering business activities or incurring significant costs
    3. Response: Recovering from a breach
      1. Determining what technologies can be used to remove all known infected systems, applications and devices from the network
      2. Understanding ways to embed lessons learned for human behaviour and workplace culture
      3. Increasing the speed at which cyber security breach info is shared across the community
      4. Ensuring systems continuity, including through self-healing systems

2. Identity, authentication and authorisation in the cyber domain

    1. Finding new strategies and techniques for systems, applications and individuals to verify, identify and establish trust, including understanding the implications of the abuse of trust
    2. Identifying ways to manage the increasing digital access points (and therefore threat vectors) because of trends toward integrated platforms and mobility
    3. Identifying the best use of advanced sensors/intelligent devices to verify trust

3. Ensuring security, privacy, trust and ethical use of emerging technologies and services such as

    1. Cloud computing
    2. Cyber-physical systems, including IoT, robotics, self-driving cars etc
    3. Machine learning
    4. Big data and data analytics
    5. Mobile applications

4. Approaches to deal with the increasingly ‘shared’ responsibility of cyber security

    1. Developing a better understanding of user behaviour at the macro level (including norms of behaviour in cyberspace and user interaction with integrated platforms) and its impact on cyber security
    2. Ensuring that the evolution in cyber security policies and skills closely matches changes in technology, and in our adoption of and then dependence on it
    3. Creating a culture with a deeper understanding of cyber security challenges and breaches, including the importance of information sharing, recognising the interdependence of cyber security with national security, national interest and economic prosperity