A four month search for the boss of a new office responsible for synchronising multiple Commonwealth agencies' responses and protections against cyber incidents has landed on the Royal Australian Air Force (RAAF)'s Air Commander Australia Darren Goldie.
From July 3, the two-star general will work on delivering joint Home Affairs and cyber security minister Clare O’Neil’s commitment to building a more coordinated approach to preparing for and managing the consequences of cyber security incidents.
"The coordinator will lead national cyber security policy, the coordination of responses to major cyber incidents, whole of government cyber incident preparedness efforts and strengthening of Commonwealth cyber security capability," Home Affairs minister Clare O'Neil said.
"The coordinator will lead this work in collaboration with the government’s key policy, operational and security agencies."
In February, O’Neil announced that the National Office of Cyber Security (NOCS) would be set up as part of the 2023-2030 Australian Cyber Security Strategy, which is not yet finalised; responses to its discussion paper [pdf] are under review.
In May, the government announced the office would receive $37.3 million over the next four-and-a-bit years, which comes from the $101.6 million that the 2023-24 federal budget allocated to multiple departments over five years “to support and uplift cyber security in Australia.”
NOCS builds on the remit of Home Affairs’ cyber security response coordination unit (CSRCU), which was set up in December in response to an internal review of the department’s handling of the Optus and Medibank data breaches.
O’Neil said that the new national cyber coordinator would be responsible for CSRCU’s exercises on organisations covered by the Security of Critical Infrastructure Act 2018 (SOCI) when the program was first announced in April.
Banks have participated in the ‘national cyber security consequence management exercises’ and aviation is next in line.
According to a statement, Goldie will also coordinate with the Australian Cyber Security Centre (ACSC)’s 'exercise in A box' program, which also tests organisations in SOCI-covered industries.
ACSC said at senate estimates last month that it had assisted CISC’s exercises with technical support, but that its own ‘exercise in a box’ programs were separate.
In addition to his 30 years at RAAF, Goldie seconded to the International Division of the Department of the Prime Minister and Cabinet to provide strategic foreign policy advice in the 2020-21 financial year.
He returned to RAAF to be appointed Air Commander Australia in April last year.