‘Cyber’, when the word is said many images come to mind, power stations out of control, Hugh Jackman in the movie swordfish, the wanna-cry style ransomware attacks, its potential impact is only limited by our imaginations. Cyber is a very topical issue and is certainly gaining momentum with sizeable investment from governments across the world. But how do we ensure that our forces in Australia are ready to operate in this new landscape where the battle has the potential to be influenced in areas one cannot see?
The need to have our forces trained in defensive cyber practices and procedures is clear, a 2016 report by the Australian Centre for Cyber Security (ACCS) called for a “rapid catch-up in Australian capabilities for military security in the information age”. How do we achieve this ‘rapid catch up required’?
A recent examination of the US Army’s approach to cyber training spoke of a different approach they are currently taking that is having great results. The US Army Cyber Training School and its use of unclassified openstack platforms that were being implemented to train their forces, platforms that were easy to update and roll out to keep up with ever changing training needs. A smart initiative that has had great results. So how can we take this a step further? How do we ensure our operators of all corps/mustering are ready to fight in this landscape?
1. Deliver training from the start
To build the cyber reliance/self-defence of our forces applying the training at the base is key. Look at opportunities to insert this training at initial employment training across all corps and mustering. By introducing the key concepts at the start we have the opportunity to have a workforce that is ready from the start.
2. Treat cyber self-defence like a weapon system
Much like we focus on physical defence of our forces through the training and employment of the personal weapon systems we should look at cyber self-defence in the same way. Teaching and testing the basic defensive cyber practices to ensure a level of security and reduction of vulnerabilities.
3. Link cyber defence to readiness notice
Like all defence skills and qualifications maintaining skill currency is key. Much like we require our forces to regularly demonstrate competence in skillsets to demonstrate their readiness to deploy on operations we should look at ways to incorporate cyber defence testing and certification.
4. Instil a culture of cyber security across the workforce.
Start to send the message that it really is everybody’s problem, a lot of the basic threats can be mitigated by simple actions and awareness of people – processes and technology can follow on from this…
Have any further thoughts on how we can achieve the ‘rapid catch up’ of cyber self defence across our forces? Are there examples where this has started?
Would love to hear you comments below …
Director - Consulting
Patrick is the Director of Consulting at BCT. He is passionate about delivering independent C4ISREW advice. He is an experienced consultant within both the Defence and Heavy Industry sectors.
BCT has launched its annual Employee Professional Opportunities & Wellness Rhythm (EmPOWeR) program. The EmPOWeR program is an annual staff development and benefit realisation process. It's aim is to help individuals to be the best they can (personally and...read more
Emily Young has joined BCT Solutions in our Learning and Development Team. We are thrilled that she has joined our growing team of respected #C4ISREW consultants. Emily has significant Defence and Civil sector experience, both in uniform and out, across all facets of...read more
Our very own David French is coordinating and participating in the Ride for HeartKids this Feb. The Ride for HeartKids raises awareness and funds for HeartKids Australia, an organisation that supports Australian children, teens and adults with Congenital Heart Disease...read more