Mike Burgess will be the next director-general of the Australian Signals Directorate (ASD), Prime Minister Malcolm Turnbull said on Friday afternoon, with current head Paul Taloni moving across to the Office of National Assessments.
Burgess was previously a deputy director of ASD prior to his stint as Telstra chief information security officer which ended in October 2016. Since that time, Burgess has been an information security consultant.
“Burgess will bring to ASD significant experience in intelligence and information and cybersecurity from both the private and public sectors, particularly as it transitions to a statutory agency within the Defence portfolio,” Turnbull said.
ASD is set to become a statutory authority as part of the changes that will see the Australian Federal Police and the Australian Security Intelligence Organisation stripped from the Attorney-General’s Department and moved into the new Peter Dutton-led superministry of Home Affairs.
In June, Burgess called on the Australian government to loosen the reins on ASD and extend its mandate beyond government.
“The ASD is uniquely placed in its role, its capabilities, and its investment in its capabilities to continue to give and provide world class advice to the private sector,” Burgess said.
“ASD needs to be given its voice from the basement to the boardroom and it needs to do that for the private sector.
“ASD should not simply be seen as an intelligence and security agency that sets government information security policy.”
At the start of the year, ASD published its new Essential Eight strategy to mitigate cyber intrusions.
Burgess last month told ZDNet that businesses should consider insider threats as their biggest threat.
“That’s not because your staff are bad, or people in the supply chain are bad — it’s simply the human can generally do the greatest damage, and we’ve seen many examples of that,” he said.
According to Burgess, the insider threat is nothing new; it’s just able to occur faster than in the past.
“It’s the downside of the upside of this technology-connected-enabled world,” he said. “Nothing new here, people just need to grapple with the fact technology and connectivity means bad things can happen quickly.
“I am a little surprised, given everything that has happened in the world, that more people are not paying attention to this. But on the upside, more people are paying attention to this, and now they’ve just got to figure out the right way of identifying and managing the risk effectively.”
The Joint Committee of Public Accounts and Audit wants the government to include the additional four steps in its list of mandatory infosec strategies.
The Australian Signals Directorate this week updated its strategies to prevent cyber intrusions.
Macquarie Government joins Sliced Tech and Vault Systems in offering the Australian government protected-level cloud services.
Mike Burgess has called on the federal government to allow the ASD to lead the charge on influencing and giving advice on cybersecurity to the private sector.
Despite the creation of the Cyber Security Advisory Office, the Australian Signals Directorate will still be tasked with advising government bodies of information security threats.
Sliced Tech and Vault Systems have been awarded protected-level federal government certification ahead of their global cloud competitors.