New Cyber Hub programs
On 1 November 2021, the Digital Transformation Agency (DTA) and Australian Cyber Security Centre (ACSC) jointly announced the government’s new Cyber Hub programs.
As the delivery mechanism of the Hardening Government IT (HGIT) initiative, established under Australia’s cyber security strategy, Cyber Hubs is a multi-year, whole-of-government initiative designed to uplift the cyber security posture of all federal government agencies. It aims to achieve this by centralising management and operation of cyber monitoring, detection and response.
Four Cyber Hub pilots.
On 28 April 2021, Minister Stuart Robert announced the pilot programs for four Cyber Hub lead agencies had commenced – Department of Home Affairs, Department of Defence (DoD) and Services Australia and Australian Taxation Office (ATO) – with each responsible for designing and implementing their own Hub.
The core services and operating models for each will be tested and used to inform the design of the Whole-of-Government Cyber Hubs operating model. The pilots will also inform the second round business case and budget submissions for the program. The program is yet to be funded beyond the pilot.
It is expected these Pilot agencies will go on to become the Cyber Hubs providing services to all other agencies once the program is fully operational.
Cyber Hubs Co-Design with Industry.
The DTA has also commenced industry consultation, most recently through a Request For Information (RFI), and has announced an industry co-design process to commence in February 2022.
This RFI sought input from the Australian Cyber Security Industry on how they can support Cyber Hubs, particularly around 42 “Core Services” identified as part of the Pilot and grouped under the following 5 Functions:
- Cyber Threat Intelligence (CTI): Consuming, contributing and providing feedback on shared threat intelligence.
- People, Culture and Training: Communication and education across the entire range of seniority and roles within government.
- Governance, Risk and Compliance (GRC): Conducting training, assessments, reporting, policy implementation and documentation for risks and vulnerabilities.
- Operations: Delivering ongoing protection, support, monitoring and incident response for network (including DNS), web, email and email traffic; including filtering and blocking, traffic and bandwidth management, and proactive threat hunting.
- Engineering: Detection and protection for networks and endpoints, including anti-virus and intrusion detection/prevention (IDS/IPS).
Macquarie Government has responded to the RFI and is continuing to consult with relevant government agencies, including our customers. As a leading provider of Government cyber security services, the DTA has invited Macquarie Government to participate in the industry co-design process.
Bringing Cyber Hubs to life.
One of the challenges for the Cyber Hubs program is the ability to raise their individual security posture to a standardised level, and then to operationalise the program roll out to all other ‘sub’ agencies.
While there is recognition that the Cyber Hub program will most likely cost more than the current model, even with greater funding. An important consideration is that, since agencies are busy with multiple internal, adding the hubs initiative on top of existing workloads could create risks as to each ability to execute. One only needs to look at the high vacancy rates (25%+) across the Commonwealth in cyber security and more generally, IT roles.
The DTA RFI process suggests Government recognises it will only be able to achieve the uplift in cyber security posture if it leverages industry partners who have existing capabilities at scale (eg AGSVA-cleared Security Operations Centre (SOC) teams). Building their own will be problematic, prolonged and highly distracting for the lead hubs.
Having built nearly all of the required capabilities for Cyber Hubs through our work with the ATO over the last 2 years, combined with the Cyber Security work we do across 42% of the Commonwealth, we have spent considerable time with policy advisors in Canberra providing our input as to the challenges and opportunities to the operationalisation of the Cyber Hubs program.
Furthermore, we anticipate our work for the Commonwealth as a way for expediting a rapid and frictionless Hubs rollout. We are highly supportive of the need to raise the Cyber Security posture of Government and look forward to working with the Cyber Hub pilots to realise this goal.
Recognising the criticality of input from government agencies is reflected in the co-design, Macquarie Government is consulting with our customers before and during the process. If you are from an agency in a role that intersects with cyber security and would like to know more or provide input, please get in touch using the form below.