37
CERT Australia CERT Australia – Australia
1.
About CERT Australia
1.1. Introduction – CERT Australia’s Mission Statement
CERT Australia is Australia’s national computer emergency response team. It is the national coordination point for the provision of cyber security information and
advice for the Australian community. CERT Australia has a particular focus on Australian private sector organisations identified as Systems of National Interest
SNI and Critical Infrastructure CI. It is also the official point of contact in the expanding global community of national CERTs to support more international
cooperation on cyber security threats and vulnerabilities.
1.1.1. Establishment
CERT Australia was formed in 2010 in response to the 2008 Australian Government E-Security Review recommendations that Australia’s Computer
Emergency Response Team arrangements would benefit from greater coordination.
1.1.2. Workforce power
CERT Australia currently employs 23 core staff.
1.1.3. Constituency
CERT Australia seeks to improve cyber security for all Australian internet users by developing information about significant threats and vulnerabilities that may
affect Australian systems. CERT Australia is the cyber security coordination point between the Australian Government and the Australian organisations identified as
SNI or CI owners and operators.
2.
Activities Operations CERT Australia undertakes a range of cyber security activities including:
• providing Australians with access to information on cyber threats,
vulnerabilities in their systems and information on how to better protect themselves
38 •
promoting greater shared understanding between government and business of the nature and scale of cyber security threats and vulnerabilities within
Australia’s private sector networks and how these can be mitigated •
providing targeted advice and assistance to enable SNI and CI owners and operators to defend their systems from sophisticated electronic attacks,
working in close collaboration with intelligence and law enforcement agencies, via the Australian Cyber Security Centre ACSC, and
• providing a single Australian point of contact in the expanding global
community of national CERT’s to support more effective international cooperation.
Throughout 2014, CERT Australia: •
provided unique cyber security threat and vulnerability information relevant to the Australian private sector; specifically those organisations identified as
SNI and CI, the purpose of which is to assist the private sector to protect their networks
• coordinated, facilitated and performed vulnerability analysis and disclosure,
especially where vulnerabilities were identified by Australian stakeholders •
coordinated the Australian Government’s cyber security support to Australian business, particularly owners and operators of SNI and CI, for the G20 event
held in Brisbane in November 2014 •
hosted several information exchanges with SNI partners that included members of the banking and finance, control systems and telecommunications
sectors and enabled government and business to share sensitive cyber-security technical information and experiences in a trusted environment, enhancing the
ability of both government and business to understand and respond to Australia’s cyber security threat environment
• maintained an awareness of cyber threats facing the private sector,
contributing to the Australian Cyber Security Centre’s ability to form a national picture of cyber threats
• responded to incidents involving targeted and untargeted attacks against
Australian organisations.
2.1. Incident handling reports