You know the frustrating thing? The ASD is actually good. They have extremely reasonable standards, a good education for departments and training of auditing companies for their standards, great published stuff.
But security costs money and we can blame breeches on those devilish h4ck3r5 so yeah nah
Mmm poorly justified omnisurvellience methods during a period of unprecedented peace.
Defs 5 eyes stuff, so all your data are going to be slurped up into some no such agency algorithm that'll spit back to the AFP "a investigate this chump, no we can't tell you why but your harassment is legal now".
Ahh the future, minority report except instead of clarvoiant bath people we get racist algorithms glued together with PHP.
Although I might be telling you something you already know (and at risk of sounding really boring); it sounds like what they're really doing here is standing up a system that is certified to handle data up to "top secret" classification. The fact that such a system exists, in and of itself, is clearly not a secret.
There are a huge number of requirements for systems handling data like that, everything from specific requirements for how physical cables are labelled, to which cryptographic algorithms are used for encryption, all the way through to corporate governance and management plans within the organisations that are involved. It is essentially a giant exercise in bureaucratic box ticking (although I can understand why governments want to be thorough about this stuff).
After completing that entire process, what you're left with is usually a fairly standard computer system, plus a whole bunch of assurances that this specific system is okay to use for "top secret" information. The actual capabilities of the system (and certainly the data within it) may well be top secret, but the existence of the system isn't.
It's broadly similar to the GovTeams PROTECTED system. The existence of the system itself is public information, complete with a relatively slick website, but the actual access to the system is controlled. A quick glance at that website makes it clear that GovTeams is essentially just MS Teams / MS365 but certified for "PROTECTED" information. In the same way, I would bet money on it that this "top secret " cloud system ends up just being a fairly standard commercial offering from a major cloud provider (Azure, AWS, etc.) which is approved for storing top secret information after the parties involved complete the required box ticking.
Australia is developing a "top secret" intelligence community cloud to help national security agencies better detect threats through shared data, while also being interoperable with US and UK spy networks.
Director-General of the Office of National Intelligence (ONI), Andrew Shearer, has revealed some details of the project which would facilitate the sharing of "vast amounts of data", during an address to the Centre for Strategic and International Studies in the United States.
Mr Shearer said the "experiences" of the US and UK in building out their respective intelligence clouds has also shaped Australia's program, helping confront "problems" and avoid "some of the pitfalls".
"ONI led an open Request for an Expression of Interest (REOI) process in 2021 to determine possible partners for a TS Cloud to ensure better connectivity and collaboration across the National Intelligence Community (NIC)," a spokesperson told ABC News.
The spokesperson declined to name which companies were involved or how the new cloud would manage material classified 'Australian Eyes Only', saying "for reasons of national security we don't provide further detail regarding capabilities or technologies".
During his CSIS address Mr Shearer confirmed a new Australian National Intelligence Community strategy would include a "set of principles" that will make sharing of new technologies across various agencies mandatory.
The original article contains 465 words, the summary contains 209 words. Saved 55%. I'm a bot and I'm open source!