Project Problem Domain and Background
Australian Government departments are undergoing significant transformation to leverage cloud-hosted services and to “deliver world-leading digital services for the benefit of all Australians” (Digital Transformation Agency, 2018). With the advent of COVID-19, departments have needed to expedite transformation activities to allow for increased remote workers. They have simultaneously had to balance a reducing information technology (IT) workforce due to department-wide budget cuts whilst undergoing an increase in identified cyber-attacks. The budget cuts have also resulted in a decrease in department-wide training, leaving staff unable to maintain or increase their knowledge of current and emerging technologies and threats. Conversely, in the midst of the increased attacks and COVID-19, the Federal Government announced a boost to funding for Australian cybersecurity over the next ten years with the aim to improve our security capabilities and provide jobs to some 500 people.
Unfortunately, opportunities for transformation to secure architectures are complicated by departments needing to maintain legacy systems, either because of non-standard customisations for business operations or due to the costs involved in upgrading or replacing the technologies. Coupled with traditional Australian Government requirements for security controls, such as use of a Secure Internet Gateway (SIG), departments are facing a tug-of-war between meeting their obligations and uplifting capabilities and modernising their businesses.
Project Aim and Objectives
This project will investigate new technologies and capabilities provided by Secure Access Service Edge (SASE) and zero trust architectures, with a focus on Security Orchestration, Automation, and Response (SOAR) solutions. SOAR enables organisations to streamline cybersecurity operations in the areas of threat and vulnerability management, incident response, and automation of security operations.
Deliverables and Outcomes
Research for this Project will explore the feasibility of SOAR across multiple Federal Government departments with varying Protective Security Policy Framework (PSPF) security classifications. If deemed appropriate, it will investigate the practicality of such a joint implementation including the potential risks, architecture, and departmental changes necessary to enable this functionality.
The Project will provide a project schedule, weekly project updates, and weekly blog posts. The final deliverable for the project will be a research paper and seminar presentation. All materials created by the project will be available on this website.
Resources
SOAR is a relatively new concept and capability. As such, access to traditional research material may prove difficult. This project will therefore use peer-reviewed publications where possible, whitepapers, conference papers, publicly accessible government documents, books, and documentaries.
References
Digital Transformation Agency. (2018, November). Digital Transformation Strategy 2015 – 2025. Retrieved from https://www.dta.gov.au/digital-transformation-strategy