The Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) have revealed there are currently seven cloud providers undertaking certification that would allow them to provide cloud services to federal government entities.
special feature
Cyberwar and the Future of Cybersecurity [1]
Today's security threats have expanded in scope and seriousness. There can now be millions -- or even billions -- of dollars at risk when information security isn't handled properly.
In response to a question taken on notice by Australia's Cyber Coordinator Alastair MacGibbon from Senate Estimates in May, the ASD and ACSC also said there are 10 companies waiting for certification to commence, having already completed the Information Security Registered Assessor Program (IRAP) Security Assessments, as well as a further 12 companies conducting IRAP assessments before starting the certification process.
Currently, there are 18 secure clouds, from 11 vendors, on the ASD's Certified Cloud Services List (CCSL).
The CCSL is comprised of clouds certified at unclassified dissemination limiting marker (DLM) level, and also protected level, which is currently the highest security level approved by the ASD.
Local vendors Sliced Tech and Vault Systems[3] were the first to receive protected status and were shortly followed by Macquarie Government[4], part of the Macquarie Telecom Group.
NTT-owned Dimension Data was then accredited to provide protected-level[5] cloud services to Australian government entities, despite being an international company and one with datacentres outside of the country.
Microsoft was the fifth and final vendor