BLUF

As cyber attacks become more sophisticated and relentless, many executives are looking towards automation as a tool for cyber defence.

Summary

Cyber security breaches are increasing in both number and nature as cyber criminals seek to gain the competitive edge for financial or political gain. The nature of these breaches extends to gaining access to private sector commercially sensitive information and intellectual property, disruption of business continuity or compromising public trust in commercial services; and to universities for the latest in research and development. Yet in this environment, only 38% of companies are confident in their ability to handle a sophisticated cyber attack. With the introduction of offensive automated bots to conduct these sophisticated attacks, IT professionals are no match to repel the sheer volume, pervasiveness and persistence of attacks. Is the answer to create an army of defensive automated bots to defend our national interests and economy and provide a cyber security incident response? Does the Defence Act allow such a virtual force to be deployed on home soil? The benefits of automating cyber security are obvious: uniform strength, increased efficiency, fewer errors and faster, potentially, better decision making. However, the concerns are equally obvious: loss of control, distrust in technology, and the potential impact on the human workforce. How might Australia's Air Force weigh these benefits versus concerns to decide on the best strategy to prevent and manage threats in the air, space and cyber domains?