Author's Opinion

The views in this column are those of the author and do not necessarily reflect the views of iTWire.

Have your say and comment below.

Saturday, 22 April 2017 10:15

Why Dan Tehan should have nothing to do with cyber security Featured

By

Dan Tehan has just provided the country with adequate reasons as to why he should not be allowed anywhere near any post that has anything to do with online security. Least of all a federal ministerial position.

Tehan, the Minister assisting the Prime Minister on Cyber Security, wrote an op-ed for the West Australian on Friday; some of the statements he made would fight for primacy with one made by former communications minister Richard Alston. (Unfortunately, The West Australian's website is a pay-only site, but Tehan's gem is linked from here.)

Alston, who was described by some as the world's biggest Luddite, once said during his tenure that the only reason people wanted faster broadband was to download porn.

Tehan has made statements that are on par with this; for one, he is credited with saying that the government is contemplating laws to make telecommunications providers take responsibility for "scrubbing the Web of viruses and malware".

The West Australian's Nick Butterly referred to this as a "radical plan" in what he characterised as an exclusive story, oblivious to the fact that it could not be any other, as the article he wrote was based on Tehan's op-ed published by his employer.

Scrubbing the Web? What does that involve? Not blocking of websites, according to Tehan. No, that turned out to be a miserable failure when the Labor Party tried to play nanny some years ago. But then what? Scrubbing with soap and water?

Dan Tehan.

Dan Tehan: "The government is testing a capability to prevent government users visiting sites known to be malicious."

It is possible that Tehan has drawn inspiration from his boss, Prime Minister Malcolm Turnbull, who has sought to portray himself as someone who is in the groove when it comes to matters digital. Turnbull's method of projecting this image is by using the words "innovation" and "agile" frequently; I suspect that he has set a timer on his (expensive) smartphone to alert him when to next use either of these weasel words.

But back to Tehan; exactly what inspired him to write this op-ed is unknown. Perhaps it was the release this week by the Australian Cyber Security Centre of its cyber security survey for 2016, an eminently sensible document and nowhere near the level of ignorance displayed by Tehan.

One of the gems from Tehan was this: "Just as we trust banks to hold our money, just as we trust doctors with our health, in a digital age we need to be able to trust telecommunications companies to protect our information from threats."

So if telcos cannot block sites they deem dangerous, how do they do that, minister? When it comes to detail, Tehan predictably goes missing.

By extension, if you receive a spam phone call offering you glorious discounts on your international phone rates, then you should blame Telstra or Optus, depending on who supplies that line. But that line (pun intended) of reasoning can only be described as stupid.

More gems from Tehan: "Technology should improve our online experience, like stopping spam emails and providing SMS authentication for your banking services. We are calling on businesses to provide enhanced cyber security services to provide greater choice for users who wish to protect themselves online."

Apart from the dubious grammar in these pronouncements — and right through this op-ed — the minister seems to be blissfully unaware that most banks do provide SMS authentication. Of course, how one prevents spam coming in from a popular provider like Gmail was not dealt with at any length by Tehan. Those details are left to nitpickers.

Tehan further said that the government would work with business "to enhance the identification and patching of vulnerabilities that online criminals are exploiting. We will also enhance our scanning of government networks to identify vulnerabilities before the criminals do".

Good luck with that, Dan. Security experts in Russia, China, Israel and the US haven't been able to do so, but I'm sure you have some mysterious plan that will succeed.

The minister also said that the government "is testing a capability to prevent government users visiting sites known to be malicious. We will look at how we can share this information to provide greater protection to the private sector and broader community. We will improve the monitoring of data as it moves across government networks to support active cyber defence."

It's puzzling to divine exactly what Tehan means by this "capability", unless he is talking of surveillance as per the NSA model. But one doubts he will go down that path; the government of which he is part is already trailing badly in opinion polls and any talk of more surveillance (we already have data retention laws in place) would only make the figures worse.

But having knocked Tehan for his ridiculous op-ed, what does one really do to reduce the chances of online attacks?

Number one, minister, insist that Microsoft make it compulsory for users of its Windows operating systems — which the government uses to the exclusion of all other systems — to operate only with user privileges when doing their daily work.

And no, that advice does not emanate from me. It comes from the security firm Avecto, who came to this conclusion after analysing the entire list of Microsoft's security announcements for 2016.

One more thing that Tehan could do is to mandate that government employees digitally sign their emails, and also make this compulsory for businesses; the number of email-borne infections would drop by a fair amount if that was done.

But going after telcos and all the other waffle mentioned by Tehan is a waste of time. It is an attempt to be seen to be doing something when you have no clue as to what that "something" is.

There is a golden rule about what one should do when one is in electoral trouble: "When you're up to your neck in shit, keep your mouth shut." Obviously, nobody told Dan about this.

Pictures: courtesy Dan Tehan's website.

Read 13560 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here

ENABLING MICROSOFT TEAMS IN THE CONTACT CENTRE

If you're looking at enabling Microsoft Teams for your contact centre, you should bookmark this webinar.

Marketing budgets are now focused on Webinars combined with Lead Generation.

Our panellists from Whangarei District Council (NZ) and Maurice Blackburn Lawyers (Aus) were closely involved in recent projects to enable Microsoft Teams for their own contact centres.

They have kindly agreed to join Enghouse and Microsoft to talk about some of the things they would recommend as most critical for IT and CX professionals planning a Teams Contact Centre migration.

Date: 11 May 2022
Time: 12pm AEST | 2pm NZST | 10am SGT

We look forward to having you join us. Please click the button below to register.

REGISTER HERE!

SONICWALL 2022 CYBER THREAT REPORT

The past year has seen a meteoric rise in ransomware incidents worldwide.

Over the past 12 months, SonicWall Capture Labs threat researchers have diligently tracked the meteoric rise in cyberattacks, as well as trends and activity across all threat vectors, including:

Ransomware
Cryptojacking
Encrypted threats
IoT malware
Zero-day attacks and more

These exclusive findings are now available via the 2022 SonicWall Cyber Threat Report, which ensures SMBs, government agencies, enterprises and other organizations have the actionable threat intelligence needed to combat the rising tide of cybercrime.

Click the button below to get the report.

GET REPORT!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Sam Varghese

Sam Varghese has been writing for iTWire since 2006, a year after the site came into existence. For nearly a decade thereafter, he wrote mostly about free and open source software, based on his own use of this genre of software. Since May 2016, he has been writing across many areas of technology. He has been a journalist for nearly 40 years in India (Indian Express and Deccan Herald), the UAE (Khaleej Times) and Australia (Daily Commercial News (now defunct) and The Age). His personal blog is titled Irregular Expression.

Share News tips for the iTWire Journalists? Your tip will be anonymous

WEBINARS ONLINE & ON-DEMAND

GUEST ARTICLES

VENDOR NEWS

Guest Opinion

Guest Interviews

Guest Reviews

Guest Research

Guest Research & Case Studies

Channel News

Comments