Home Cloud Computing DSD wins US cyber security award through Australian innovation

Subscribe now and get the news that matters to your industry.

* Your Email Address:
* First Name:
* Last Name:
Job Function:
Australian State:
Email marketing by Interspire
weebly statistics

The Australian Defence Signals Directorate (DSD) has won a 2011 US National Cybersecurity Innovation Award, judged and presented by security certification and training organisation SANS Institute.


The National Cybersecurity Innovation Awards recognise developments undertaken by companies and government agencies that are innovative in that they are new or have not previously been successfully deployed, have resulted in significant cyber risk reduction, can be scaled quickly to serve large numbers of organisations, and should be adopted by many other organisations.

Nominators for the awards include most of the senior US government officials involved with cybersecurity as well as leaders from the major cybersecurity Information Sharing and Analysis Centers (ISACs) and other key cybersecurity leaders.

A DSD team analysed all reported targeted cyber intrusions launched against civilian and military government systems to determine what measures would have prevented their spread.

The team identified a total of 35 controls that would prove valuable, but honed in on four, dubbed "the sweet spot," that must be implemented at all governmental organisations to protect them from targeted attacks.

The award honors Steve Mcleod and Chris Brookes, who led the DSD team that developed the list of controls, and Dr. Ian Watt for "advocating that all cabinet agencies in Australia should implement the four controls and making sure they are doing it."

According to a statement from SANS Institute, the DSD innovations change the security game:

"A team at the Australian Defence Signals Directorate (DSD), led by Steve Mcleod and Chris Brookes, took on the task of studying all known targeted intrusions against government systems - both civilian and military - and determining what would have stopped the infections from spreading.

"They found that 35 controls would be valuable, but that four specific controls, alone, are the only ones that must be implemented across all Cabinet-level organizations if they are to have any hope of defending their systems against targeted intrusions The Australian DSD recognized that once those four have been implemented, additional risk reduction may be gained using additional controls, but those four must be done first.

"The National Cybersecurity Innovation Award for effective security management goes to DSD for showing the way and to Dr Ian Watt, in particular, for his extraordinary leadership as Australian Secretary of Defence, in advocating that all Cabinet agencies in Australia should implement the four controls (nicknamed the "sweet spot") and making sure they are doing it. The Australian Defence Signals Directorate supported the program first by identifying the 35 key mitigations for targeted intrusions and defining four of those as the ones that had to be implemented first before even considering the other thirty-one.

"They also developed and posted detailed explanations of the mitigations and provided expert support for the agencies as they systematically implemented all four key mitigations.   In the agencies that have completed the task, the spread of targeted attacks is no longer a significant problem. Although these controls will not stop the most sophisticated attackers, they do stop the targeted attackers with medium and low sophistication, the ones that cause the greatest amount of information loss.

"The cost of implementing these four controls is a tiny fraction of the cost of implementing the average U.S. federal government agency cybersecurity program. Since the impact of this low-cost approach is much better security than what U.S. agencies are experiencing, the Australian innovation changes the game."

The four controls as well as the remaining 31 and valuable supporting guidance are all posted here.


Don't let traffic bottlenecks slow your network or business-critical apps to a grinding halt. With SolarWinds Bandwidth Analyzer Pack (BAP) you can gain unified network availability, performance, bandwidth, and traffic monitoring together in a single pane of glass.

With SolarWinds BAP, you'll be able to:

• Detect, diagnose, and resolve network performance issues

• Track response time, availability, and uptime of routers, switches, and other SNMP-enabled devices

• Monitor and analyze network bandwidth performance and traffic patterns.

• Identify bandwidth hogs and see which applications are using the most bandwidth

• Graphically display performance metrics in real time via dynamic interactive maps

Download FREE 30 Day Trial!



Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup


Stan Beer


Stan Beer co-founded iTWire in 2005. With 30 plus years of experience working in IT and Australian technology media, Beer has published articles in most of the IT publications that have mattered, including the AFR, The Australian, SMH, The Age, as well as a multitude of trade publications.