15,354 research outputs found

    Commercial critical systems and critical infrastructure protection : a future research agenda

    Get PDF
    Secure management of Australia&rsquo;s commercial critical infrastructure presents ongoing challenges to owners and the government. Although it is currently managed through high-level information sharing via collaboration, but does this suit the commercial sector. One of the issues facing Australia is that the majority of critical infrastructure resides under the control of the business sector and certain aspects such of the critical infrastructure such as Supply Chain Management (SCM) systems are distributed entities and not a single entity. The paper focuses upon the security issues associated with SCM systems and critical infrastructure protection.<br /

    Australian commercial-critical infrastructure management protection

    Full text link
    Secure management of Australia\u27s commercial critical infrastructure presents ongoing challenges to owners and the government. Although managed via a high-level information sharing collaboration of government and business, critical infrastructure protection is further complicated by the lack of a lower-level scalable model exhibiting its various levels, sectors and sub-sectors. This research builds on the work of Marasea (2003) to establish a descriptive critical infrastructure model and also considers the influence and proposed modelling of critical infrastructure dependency inter-relationships.<br /

    The Australian Cyber Security Centre threat report 2015

    Get PDF
    Introduction: The number, type and sophistication of cyber security threats to Australia and Australians are increasing. Due to the varied nature of motivations for cyber adversaries targeting Australian organisations, organisations could be a target for malicious activities even if they do not think the information held on their networks is valuable, or that their business would be of interest to cyber adversaries. This first unclassified report by the ACSC describes the range of cyber adversaries targeting Australian networks, explains their motivations, the malicious activities they are conducting and their impact, and provides specific examples of activity targeting Australian networks during 2014. This report also offers mitigation advice on how organisations can defend against these activities. The ACSC’s ability to detect and defend against sophisticated cyber threats continues to improve. But cyber adversaries are constantly improving their tradecraft in their attempts to defeat our network defences and exploit the new technologies we embrace. There are gaps in our understanding of the extent and nature of malicious activity, particularly against the business sector. The ACSC is reaching out to industry to build partnerships to improve our collective understanding. Future iterations of the Threat Report will benefit from these partnerships and help to close gaps in our knowledge

    Trafficking in persons monitoring report: January 2009–June 2011

    Get PDF
    Since 2008, the Australian Government has increased the tempo on investigating and understanding these crimes, and the Australian Institute of Criminology’s research and monitoring program is part of this effort.&nbsp; The Government has introduced new legislation to crack down on trafficking slavery and servile marriages. Human trafficking is a serious but underreported problem as victims are unwilling to come forward. Since 2004 only 14 people have been convicted of people trafficking-related offences (nine of the 14 defendants were convicted of slavery offences, three of sexual servitude, one of people trafficking and one of labour exploitation). Between January 2009 and June 2011 there were 73 police investigations in Australia and 145 trafficked people entering the government’s victim support program—slightly more than in the previous period. Victims continue to be overwhelmingly from south-east Asia, one-third from Thailand alone. Authored by Jacqueline Joudo Larsen, Lauren Renshaw, Samantha Gray-Barry, Hannah Andrevski, and Toby Corsbie

    Cybersecurity: mapping the ethical terrain

    Get PDF
    This edited collection examines the ethical trade-offs involved in cybersecurity: between security and privacy; individual rights and the good of a society; and between the types of burdens placed on particular groups in order to protect others. Foreword Governments and society are increasingly reliant on cyber systems. Yet the more reliant we are upon cyber systems, the more vulnerable we are to serious harm should these systems be attacked or used in an attack. This problem of reliance and vulnerability is driving a concern with securing cyberspace. For example, a ‘cybersecurity’ team now forms part of the US Secret Service. Its job is to respond to cyber-attacks in specific environments such as elevators in a building that hosts politically vulnerable individuals, for example, state representatives. Cybersecurity aims to protect cyberinfrastructure from cyber-attacks; the concerning aspect of the threat from cyber-attack is the potential for serious harm that damage to cyber-infrastructure presents to resources and people. These types of threats to cybersecurity might simply target information and communication systems: a distributed denial of service (DDoS) attack on a government website does not harm a website in any direct way, but prevents its normal use by stifling the ability of users to connect to the site. Alternatively, cyber-attacks might disrupt physical devices or resources, such as the Stuxnet virus, which caused the malfunction and destruction of Iranian nuclear centrifuges. Cyber-attacks might also enhance activities that are enabled through cyberspace, such as the use of online media by extremists to recruit members and promote radicalisation. Cyber-attacks are diverse: as a result, cybersecurity requires a comparable diversity of approaches. Cyber-attacks can have powerful impacts on people’s lives, and so—in liberal democratic societies at least—governments have a duty to ensure cybersecurity in order to protect the inhabitants within their own jurisdiction and, arguably, the people of other nations. But, as recent events following the revelations of Edward Snowden have demonstrated, there is a risk that the governmental pursuit of cybersecurity might overstep the mark and subvert fundamental privacy rights. Popular comment on these episodes advocates transparency of government processes, yet given that cybersecurity risks represent major challenges to national security, it is unlikely that simple transparency will suffice. Managing the risks of cybersecurity involves trade-offs: between security and privacy; individual rights and the good of a society; and types of burdens placed on particular groups in order to protect others. These trade-offs are often ethical trade-offs, involving questions of how we act, what values we should aim to promote, and what means of anticipating and responding to the risks are reasonably—and publicly—justifiable. This Occasional Paper (prepared for the National Security College) provides a brief conceptual analysis of cybersecurity, demonstrates the relevance of ethics to cybersecurity and outlines various ways in which to approach ethical decision-making when responding to cyber-attacks

    Disaster and disadvantage: social vulnerability in emergency management

    Get PDF
    This report describes who is most at risk of being socially vulnerable in an emergency or disaster and what needs to be done to better protect them and improve their recovery Executive summary: While they can be devastating for all affected individuals and communities and cause great physical, financial and psychological hardship, for people who are already facing disadvantage, the impacts can be overwhelming, leading – in the words of one mother – to a “cascade of sorrows”. People facing disadvantage, such as those in poverty, migrants, refugees, children, older people, people with disabilities, people who are homeless or transient, and people living in poor quality housing, are more vulnerable at all stages of a disaster – before, during, and after it strikes. These people are considered ‘socially vulnerable’ in the face of a disaster. Whether it is their capacity to evacuate in time or to recover in the long term from trauma and financial devastation, socially vulnerable people are hit hardest and longest by disasters and emergencies. These people often have fewer resources and less social support, mobility and housing options at their disposal, and so are less able to prepare for, respond to and recover from a disaster or emergency. As one report put it, socially vulnerable are “more likely to die...and less likely to recover.

    The good practice guide to Child Aware Approaches: keeping children safe and well

    Get PDF
    Abstract: Child Aware Approaches is a grassroots initiative that engages civil society to develop local approaches, actions and initiatives to keep children safe and well, recognising that protecting children is a shared responsibility. This paper defines Child Aware Approaches, outlines the philosophies and principles underpinning this strategy, and offers case study examples of how the principles can be applied in practice. This paper is intended for service managers and practitioners working with vulnerable children and families, particularly those working in adult-focused service sectors. Key messages: There has been growing awareness that parental problems such as substance misuse, mental illness and family or domestic violence, are often related to negative outcomes for children. This paper is intended as a practical resource for organisations, practitioners and individuals working in social services (particularly services for children, families and adults) to put the needs, views and aspirations of children and young people at the heart of actions to improve child and family wellbeing and safety. The paper explains the five core philosophies and 10 key principles underpinning Child Aware Approaches, to provide practical guidance for those working with vulnerable children and families and to inform policies, procedures and practices within organisations. Each principle can be considered from multiple perspectives (e.g., at the organisational, managerial and practitioner levels). Practice considerations are provided as examples to inspire thought and discussion of the different levels at which action may be required in applying the principles of Child Aware Approaches. Case study examples highlight the diversity of innovative and creative ways in which the principles of Child Aware Approaches have been applied in a variety of settings and situations

    The Proceedings of 15th Australian Information Security Management Conference, 5-6 December, 2017, Edith Cowan University, Perth, Australia

    Get PDF
    Conference Foreword The annual Security Congress, run by the Security Research Institute at Edith Cowan University, includes the Australian Information Security and Management Conference. Now in its fifteenth year, the conference remains popular for its diverse content and mixture of technical research and discussion papers. The area of information security and management continues to be varied, as is reflected by the wide variety of subject matter covered by the papers this year. The papers cover topics from vulnerabilities in “Internet of Things” protocols through to improvements in biometric identification algorithms and surveillance camera weaknesses. The conference has drawn interest and papers from within Australia and internationally. All submitted papers were subject to a double blind peer review process. Twenty two papers were submitted from Australia and overseas, of which eighteen were accepted for final presentation and publication. We wish to thank the reviewers for kindly volunteering their time and expertise in support of this event. We would also like to thank the conference committee who have organised yet another successful congress. Events such as this are impossible without the tireless efforts of such people in reviewing and editing the conference papers, and assisting with the planning, organisation and execution of the conference. To our sponsors, also a vote of thanks for both the financial and moral support provided to the conference. Finally, thank you to the administrative and technical staff, and students of the ECU Security Research Institute for their contributions to the running of the conference
    • 

    corecore