E-Security Taskforce 2011
The IIA continues to mount a renewed national push to help empower Australia's internet using public and SMEs against the ever increasing cyberthreats we face.
The approach contains several key elements which we will implement as an industry and where appropriate in conjunction with Government.
1. icode - Promotion of the eSecurity Code of Practice: http://icode.net.au/
- This Code aims to provide a uniform response to addressing the problem of zombied computers on Australian networks. This is the most comprehensive national response yet undertaken to the problem, and builds on the successful AISI initiative that ACMA has been running in recent years. The scheme allows for an escalated response culminating in potential short term 'quarantining' of zombied computers.
- Users whose computers are suspected of being compromised are provided with access to information, resources and software.
- To date, some 29 ISPs representing over 90% market share of the online population are part of the icode.
- IIA member security product and services vendors are encouraged to participate in the icode program by representation on the resource page that all ISPs will be required to direct users to under the voluntary code of practice.
2. On 17 February, the IIA, in partnership with the Federal Attorney-General's Department, held a cross-sectoral industry roundtable to facilitate
- a better understanding of respective actions being taken in the US and Australia
- information sharing regarding emerging threats
- scope for further joint industry/government cooperation
- consideration of IIA’s icode and potential application elsewhere.
3. Cyber Security RoundTable 2 held on 2 June 2011 in during Cyber Security Awareness Week.
4. Security within the cloud.
At the recent IIA Cyber Security Forum (2 June 2011) it was agreed that we would continue with the E Security Virtual Task Force in relation to security within the cloud.
The IIA E Security taskforce met on 27th July 2011.
- Outcome: a recommendation from the task force the IIA should pursue some form of “trustmark” for Cloud applications.