Tuesday, 03 March 2020 10:40

AIIA fears certification changes could hit govt cloud adoption Featured

AIIA fears certification changes could hit govt cloud adoption Image by Mudassar Iqbal from Pixabay

The Australian Information Industry Association has expressed concerns that proposed changes to the way in which cloud providers are certified for government contracts could affect cloud adoption by federal government agencies.

The Australian Signals Directorate and the Digital Transformation Agency announced on Monday that the former would, with immediate effect, cease to be the regulator for cloud providers who aspire to be certified for government services.

The AIIA said in a statement on Tuesday that the proposal to discontinue the Cloud Services Certification Program right away and nullify the list of certified cloud providers by 30 June could cause confusion in the absence of proper guidance and support to agencies.

Monday's announcement came after a review that commenced in July 2019. It means that every cloud provider that wants to bid for government contracts will have to satisfy the requirements laid down by the government agency in question.

The AIIA said its concerns centred around the notion that "the closure of the list and removal of the central role the ASD has had for certifying cloud platforms does assume that agencies have the requisite skills and capabilities to appropriately assess and accept this risk".

"The mixed ability for small and even larger government agencies to conduct cyber-threat risk assessments may lead to risk adverse behaviours due to a lack of cyber skills in agencies resulting in a decline in adoption of latest cloud technologies and digital services," it added.

"We encourage the DTA and ACSC (Australian Cyber Security Centre) to support agencies to develop these capabilities or to share information through communities of interest.

The AIIA said it welcomed the expansion of the Information Security Registered Assessors Program if it were to "lead to improved confidence in the assessments by agencies of appropriate risk to enable latest cloud services adoption in their businesses".

"We support the government in ensuring the need for higher standards in the IRAP community to aid agency and industry confidence in the program," the statement said.

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Sam Varghese

website statistics

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.



Recent Comments