Online risk resilience hardening

Partners: Science and Industry Endowment Fund (SIEF) through the Data61 Supply Chain Integrity Challenge, CSIRO Vacation scholarship program

Duration: Continuous (01/2019 onwards)

The conceptualisation of this project was part of the SIEF funded research on the Supply Chain Integrity Challenge in the Future National ICT Industry Platform Program. It falls within the Security, Privacy & Trust theme and builds on the output of the work done during the Pilot Challenge – Visible and connected supply chains: Tackling food provenance and providing safety assurance for Australia’s primary industries.

Supply chains are a critical component for supporting the prosperity of the Australian agriculture and food industries. These complex supply chain systems have a bigger technological attack surface and is prone to cyber attacks through specific threats and vulnerabilities. These attacks can either be generic attacks applicable to a large number of technology users, or they can be attacks targeted at the specific industry, affecting the integrity of the supply chain. Our work details the need for online risk assessment and online risk hardening, and presents an overview of the online risk assessment methodology approach.

This project sees the development of a cyber security risk assessment methodology based on uniquely developed organisational profiles, and resulting in an individualised risk resilience and online hardening approach. The development of our platform will assist clients and customers to assess and harden their own online risk resilience profiles. The purpose of conducting such an assessment is to identify the links most vulnerable to online exploitation and harden these for a more mature online cyber profile. The development of such an online resilience platform is aimed at building a national capacity of cyber resilient entities that can work together in unity within a safe online Australian cyber space. The online resilience platform will enhance people’s ability to use connected technology more powerfully in an ever-connected world, focusing particularly on formal and informal supply chains, by aligning humans and cyber security through behaviour analysis and system design.