​Data61 signs MoU to lift boardroom 'cyber literacy'

Data61 has partnered with the Australian Institute of Company Directors to educate boardroom members on how to best treat cybersecurity within their organisations.

CSIRO's Data61 has entered into a memorandum of understanding with the Australian Institute of Company Directors in a bid to lift the "digital and cyber literacy" of board members and company directors across the country.

The agreement will see both organisations jointly develop a cybersecurity education and training program expected to focus on achieving a greater understanding of cybersecurity by board members, how to perform appropriate risk management within an organisation, what the required investment on cybersecurity should be, and the opportunities for innovation that come from being "cyber-ready".

Adrian Turner, Data61 CEO, believes cybersecurity is a board-level issue. The Silicon Valley veteran said it is the board's responsibility to drive innovation and strategy which he said will result in positive leadership, a coherent strategy, and proactive information governance.

"Directors globally have expressed concern at the rapid pace of digital change, increased cyber threats, technical jargon, and associated risks as limiting their ability to appropriately fulfil their duties," Turner said.

"Advances in information and communications technology are enabling greater accessibility, mobility, convenience, efficiency, and productivity across almost all aspects of Australian life -- with national security, economic prosperity, and social well-being now dependent on IT and digitally-driven transformation."

Using the three principles of confidentiality, integrity, and availability of data, Data61 said the program will focus on corporate governance and its application to the way people interact with technology and each other.

"Whilst this heightened era of digital productivity and accessibility has created infinite opportunity, it has concurrently created new threats and vulnerabilities in the creation, storage, and utilisation of information," Turner said.

"These threats are significantly more than just cybersecurity related -- they also extend to the accuracy, integrity, and availability of information that is critical to both real-time human and automated decisions that affect our nation and people.

"There is a need for leadership to better understand the cyber threats and opportunities in our connected world."

The Australian Institute of Company Directors said it expects the new program to also complement initiatives under the Australian government's AU$240 million Cyber Security Strategy that was announced last week.

The strategy aims to defend the nation's networks from organised criminals and state-sponsored attackers, and sits alongside the AU$400 million provided in the Defence White Paper for cyber activities.

As part of the strategy, Prime Minister Malcolm Turnbull announced a Cyber Security Small Business Programme which will comprise of a grant for Council of Registered Ethical Security Testers (CREST) Australia and New Zealand to "scale-up" cybersecurity accreditation services for providers and expand the range of accreditation services they offer, as well as a one-off grant of AU$2,100 to access cybersecurity testing by providers accredited by CREST, which is only available for small businesses with fewer than 20 employees.

In December, Turnbull announced a AU$500 million investment in Australia's science sector under its AU$1.1 billion National Innovation and Science Agenda.

Under the agenda, Data61 is slated to receive AU$75 million to harness the "data revolution", which will see the organisation use data analytics to connect disparate government datasets and publicly release them on open data platforms; improve industry cybersecurity and develop new architectures; build a Data Research Network to link businesses with data researchers; and deliver data analytics training to improve data literacy in Australian businesses.

Earlier this month, Data61 signed a memorandum of understanding with Cyber London (CyLon) that will see Australia and the United Kingdom share expertise, resources, and capital to accelerate cybersecurity innovation in each country.

Under the agreement, the two organisations will develop programs for improved "cyber skills and governance"; launch a CyLon accelerator program in Australia; and support and commercialise new ideas, including building a physical and virtual environment in each country to showcase "cyber innovation and solutions" to prospective partners or buyers.