11 minute read
Security, Risk & Technology
www.australiancybersecuritymagazine.com.au
Connection, not Collection
The Essence of Lesson and KnowledgeManagement in Western Australia’s EmergencyManagement Sector.
An adapted article from a research thesis.
By Chas Capewell
There has been steady improvement toward understanding the value of knowledge through lessons in Australia’s Emergency Management sector, particularly since the National Strategy for Disaster Resilience (Department of the Attorney-General, 2011) highlighted that emergency service organisations must focus on a sector-wide attitude to knowledge sharing. Smith and Elliot’s (2007) argument however, is that any useable post-event information still fails to be properly integrated for it to work and for any length of time. So, the question is if the lessons-learned approach is the way forward, how it is implemented for emergency management agencies to comprehend it? Smith and Elliot’s argument is that although organisations must learn from previous events if they wish to be successful in the future, they must do more to practice information sharing, reflect on learned and acquired knowledge to become valuable in an operational environment full of uncertainty.
Study Background
Lesson and knowledge management is not a new concept in the emergency management domain. Prince’s (1920) examined the lead up and response to the 1917 Halifax explosion and outlined preparedness stages to ensure such events would not reoccur. This highlights a pioneering example into preparedness using lessons-learned (Perrow, 1967). In examining Princes work, Rostis (2007) concluded that lessons must motivate change, or at minimum, adaptation, to ensure repeated oversights do not reoccur. Nevertheless, research continually highlights that emergency management agencies are yet to be as effective as they could be given their operational tempo demands adaptability to changing situations.
Torlak (2004) stressed that a critical aspect of staying ahead in such environments, is for agencies to be cognizant of generating a workplace committed to learning and as Edmondson, Gino and Garvin (2008) explain, a competent learning organisation is particularly savvy across two critical skill sets. First, their aptitude to acquire, interpret, share and retain information and second, their ability to adjust their organisational mindset to this new information. Argyris and Schön (1978) and Senge (2003) suggest that if agencies commit to a culture of learning, then decision makers and leaders build the ability to grow individual and operational capabilities through knowledge retention and integration.
Study Significance
This study examined the barriers to effective lesson and knowledge integration from previous inquiries to potentially advance the capability of emergency management in Western People look at her strangely when she tells them that the journey actually began back when she was a patent examiner in genetics, biotechnology and food sciences. The next question is inevitable: You’re a genetic engineer – how did that get you into cyber security?
Women in Security With Chris Cubbage Executive Editor
You’re a genetic engineer How did that get you into cyber security?
Pip Wyrdeman, Director Cyber Systems and Services – Australia, Elbit Systems of Australia
Australia’s former Senior Adviser Cyber Policy, Department of the Prime Minister and Cabinet, Philippa ‘Pip’ Wyrdeman, is now the Director Cyber Systems and Services Australia at Elbit Systems of Australia.
Where did it all start, ten years ago? Pip found herself seconded out of a scientific role and into a change management role, acting as the key conduit between a parent business unit and an IT project in a transition to a paperless environment. “That experience was priceless to me,” recalls Pip, “during that time I developed a number of procedures and policies around the new IT system that led, eventually, to a contract role to develop a policies and procedures framework for the IT environment of AusAID.”
“In that role I also took on responsibilities for the intellectual property, records management and the IT security policy development. That led to a role in ICT Policy in Defence, which led to working up architecture strategy and eventually into business relationship management for Defence’s intelligence functions, including for the Australian Signals Directorate and the Australian Cyber Security Centre. All this, almost naturally, led to me applying for a role in the Office of the Cyber Security Special Adviser. The opportunity to drive and influence Australia’s cyber security policy settings across industry and academia was too good to miss.”
Throughout her life, Pip was fortunate to have had one mentor of the greatest influence, her Father. A retired Rear Admiral in the Navy and with subsequent leadership roles, Pip was able to leverage her own challenges and seek guidance based on his experience. “As I developed as a manager and leader, and he took on bigger challenges that saw him dealing at the highest levels of government, I learned
By Jane Lo
Singapore Correspondent
Comparisons of the Apollo Guidance Computer (AGC) with our modern IT inevitably brings to attention the relatively primitive technology that put man on the moon. That an iPhone is millions of times faster and more powerful than the AGC adds to our appreciation the incredible engineering feat achieved with a 64kByte memory, and the relentless pace of technological development encompassed in Moore's Law.
At the Global Space and Technology Convention (GSTC, Sheraton Hotel Singapore 2-3rd February 2018), world’s leading companies in Space technologies, including Airbus and Thales Alenia Space presented the take-up of Artificial intelligence, BlockChain, Machine Learning and Big Data Analytics in the Space Technology sector.
Not surprisingly, Cyber Security, was also an important area of focus.
Dr Alexander Ling, Principal Investigator, Centre for Quantum Technologies, National University of Singapore, The “Future of Unhackable Data” introduced the role of Micius satellite in shaking up the field of cryptography.
But “why should we care?” he asked.
Reliability of an encryption approach requires unhackable keys – a problem which Quantum technology is deemed to exacerbate on one hand, but able to solve on the other.
Breaking mathematical encryption schemes is extraordinarily difficult today but with powerful computers, reverse-engineering the keys is perceived as a near-term reality and less of a theoretical discussion.
Arguably “hackability” can be mitigated with a larger key size, provided that keys are distributed with maximum security. So, how can key negotiation protocols (short of a physical transport) be designed to ensure that only intended parties have them - that is, no eavesdropper has copied the key during its distribution?
While quantum computers which are likely to break encryption and reverse-engineer keys are still at the early stages of research, there are already working prototypes of QKD, or Quantum Key Distribution.
This technology exploits properties of photons to transmit data for secure sharing of a key between a sender and a receiver. To steal the key would require knowing the photon properties – which due to quantum physics law, is impossible without changing the properties’ behavior and alerting the sender and receiver to the attempted hack.
The best optical fibers carry these photons to 200 kilometers before light absorption distort the process. Entanglement, where two particles behave like one regardless of distance apart, enables QKD over long distances.
The Micius satellite demonstrates this over 7,600 km by distributing the key from orbit. When the satellite is over the Chinese ground station (at Xinglong, Hebei province), it sends the one-time pad to the ground, encoded in single photons. As the Earth rotates beneath the satellite and as the ground station at Graz in Austria comes into view, Micius sends the same one-time pad to
Session Takeaway: Nick Heudecker, Research VP with Gartner, speaking at the Gartner Data& Analytics Summit in Sydney in February. Nick provided a session on the misunderstanding,or the overwhelming hype, of blockchain technologies.
by Chris Cubbage
Executive Editor
There is so many different dimensions to blockchain and how it can be applied to existing and new business models that there is going to be a lot of confusion for a very long time.
One of the things that is driving that confusion is the potential upside. An estimated $3.1 trillion business impact by 2030 – but there is a long way to go. Nick reports to have yet heard of a single production blockchain use case that has scale beyond four to five nodes that couldn’t easily be done with a centralised database.
What is blockchain? It is a distributed ledger. A way to introduce trust in an untrusted network of participants. This provides mechanisms that order transactions and so that double spending can’t occur. Blockchain is not a database per say but a linked list. Every transaction builds on the previous transaction, or block of transactions. Anything that can be digitised, be it a dollar, cryptocurrency or a photograph, the blockchain will record where it came from, who has handled it and who currently has it.
Today, you can download the entire Bitcoin blockchain, at about 160GB, which has been in existence since 2009. You will see precisely all the way back to the Genesis block. And no one is identified. Everyone has a wallet identification of 32 characters and there is no personal exposure. But just because you may not be linked to that Wallet ID, doesn’t mean it can’t be determined who you are. Particularly, if you’re posting on web forums, or used the Wallet ID on some other platform. So, despite not readily being identifiable, there is still other identifiable attributes that can be applied.
However, for business use, there is a general requirement to know who you’re dealing with, so there is potential for new centralised identity services and privilege management. Another key aspect of the blockchain is that there is active data, where behaviour or logic can be applied. The Blockchain can apply a smart contract, with a programming language, which looks at different pieces of data, called Oracles, which provides data sources of truth for the smart contract to verify against and act on.
The current challenge is that there is no way to ensure the contract data is ‘bug’ proof or even legal. Programmers writing smart contracts need to ensure accuracy and being comprehensive to the smart contract requirements. For business, this will require bridging application development with legal, procurement and other sources of expertise. One good example is referred to the DAO Hack, where a code vulnerability was exploited and $35 million in digital currency was stolen.
The four types of blockchain initiatives are blockchain disrupters, digital asset markets, efficiency plays, records management and auditing. Blockchain disrupters are those seeking out new business based on a blockchain foundation, however the business model may not be new. The digital asset market is new markets based on digital assets formed from nondigital ones (physical and virtual). Efficiency plays comes from creating efficiency improvements in transactions, interactions and tracking provenance of assets. Finally, record keeping for trust verification by one entity, for oneself or a community.
Data analytics can also be applied, however data in blockchain can’t be manipulated. It is a write only record but it can append information. Integrity concerns still requires enforcement. It is a data tree and key value pair. Blocks also need to be small, so if a MRI Scan is being verified, you would not load the MRI, you would use a hash which appends the MRI. A blockchain is yet another data source to integrate into an analytics program.
There remain challenges for blockchain technology. The current platforms are not scalable or complete, an ecosystem of competitors is yet to fully form, agreements on structures and formats of data is still being developed and though a complex and powerful solution, a blockchain can consume huge resources to build.
For more information visit www.gartner.com
REPORT REVIEW | by CHRIS CUBBAGE
POLICY BRIEF: AUSTRALIA’S OFFENSIVE CYBER CAPABILITY
Australian Strategic Policy Institute, Fergus Hanson & Tom Uren
www.aspi.org.au/report/australiasoffensive-cyber-capability
Researchers have identified more than 100 states with military and intelligence cyber units, ranging considerably in capability and compliance with international law. The US Cyber Command’s action arm, the Cyber Mission Force, is building to 6,200 military and civilian personnel, or about 10% of the ADF, and for the 2018 financial year requested a US$647 million budget allocation. China has been accused of stealing enormous quantities of intellectual property, North Korea has used cyber tools to steal money, and Russia is accused of using a range of online methods to influence the 2016 US presidential election.
This policy brief seeks to further clarify the nature of Australia’s offensive cyber capability. It recommends improving communications, using innovative staff recruitment and retention options, deepening industry engagement and reviewing classification levels in some areas. The report is structured to the following parts:
What’s an offensive cyber operation?
Organisation, command and approvals
Operations against declared targets
Risks
Checks, balances and compliance with
international law
Strengths and weaknesses
Future challenges and recommendations.
Australia’s Capability On 30 June 2017 Australia became the first country to openly admit that its cyber offensive capabilities would be directed at ‘organised offshore cyber criminals’ and the then Minister Assisting the Prime Minister for Cyber Security, Dan Tehan, announced the formation of an Information Warfare Division within the ADF. Australia has declared that it will use its offensive cyber capabilities to deter and respond to serious cyber incidents against Australian networks; to support military operations, including coalition operations against Daesh in Iraq and Syria; and to counter offshore cybercriminals. Given ASD’s role in intelligence gathering, operations can integrate intelligence with cyber operations—a mission critical element.
Offensive cyber operations in support of [ADF] operations are planned and executed by ASD and Joint Operations Command under direction of the Chief of Joint Operations. Targeting for offensive cyber operations occurs in the same manner as for kinetic ADF operations. Any offensive cyber operation in support of the ADF is planned and executed under the direction of the Chief of Joint Operations and, as with any other military capability, is governed by ADF rules of engagement.
Decisions on which cybercriminal networks to target follow a similar process to those for military operations, including that particularly sensitive operations could require additional approvals, although the exact processes haven’t been disclosed. Again, these operations would have to comply with domestic law and be consistent with Australia’s obligations under international law.
In contrast to Australia’s model, the UK’s National Offensive Cyber Programme is a partnership between the Ministry of Defence and the Government Communications Headquarters (the latter organisation’s minister is the Secretary of State for Foreign and Commonwealth Affairs). In the US, the offensive cyber military capability is housed within Cyber Command, which will be raised to the status of a unified combatant command for cyberspace operations.
Recommendations The Policy Brief, alongside other ASPI publications, is a worthwhile compass point and provides six recommendations, summarised as: 1. The Australian Government should be careful when publicly discussing the offensive capability, particularly to distinguish the military and law enforcement roles.
2. Recruiting and retaining Australia’s top technical talent is a major hurdle. A pool of alumni working as cleared reservists could be used as an additional workforce without the significant investment required in conducting entirely new clearances.
3. There’s a policy question about whether or not Australia’s offensive cyber capability should be used in support of Australian corporate interests.
4. The government should continue to scope the potential benefits from lowering the classification of information associated with offensive cyber operations.
5. Consider conducting a cost–benefit analysis on the relative value of substantial further spending on cyber to provide it with an asymmetric capability against future adversaries. This would need to include a considerable investment in training.
6. There appears to be scope to update the existing policy and legislative framework that governs the employment of offensive cyber in deployed operations to support those kinds of activities.
Have you recently published a security related book? Or have you just read a new, great security book? Please email us at editor@australiansecuritymagazine.com.au
