by George Nott

Census failure report release now down to PM, says his cyber adviser

Oct 20, 2016
GovernmentGovernment ITSecurity

The decision to release the long-awaited review of the census failure now sits with the prime minister, says his special adviser on cyber security.

Alastair MacGibbon, Special Adviser to the Prime Minister on Cyber Security and author of the post-mortem and learnings report, told an AISA security conference this morning that the timing of the report’s release was now in the hands of Malcolm Turnbull.

“That’s a matter for the prime minister,” he said. “I’ve given my advice to the PM on the things we can learn from the census. It would be fair to say there are things that we can learn from the census…It is a matter for the prime minister what we release.”

MacGibbon said he would be appearing in front of a Senate inquiry into the census debacle next week.

Pushed on why the report had taken so long to complete, MacGibbon joked: “I had to write it. And I type slowly.”

Embellishing on the delay, he explained that he wanted to “make sure we got it right”.

“We had to look at what actually happened on the night, then we had to look at what the learnings were,” he said. “That takes time. The report is now with the prime minister and it’s for him to consider and probably to be considered by others in government as well. So it does take time. And we had a few other things on. But it was important to get it right to know what happened.”

The Australian Bureau of Statistics (ABS) pulled the August Census website offline after what it claimed was a series of minor denial of service attacks followed by a hardware failure that led to a misidentification of a large-scale denial of service attempt.

A blame game has already begun between the vendors and providers involved in implementing the census. Main contractor IBM has pointed the finger at government agencies and at least two internet service providers in its submission to the investigating committee. Meanwhile ISP Nextgen and its upstream supplier Vocus have called IBM’s account of events into question.

MacGibbon added that the denial of service protection that was in place “wasn’t sufficient”, and reiterated that the real damage was to trust in the government.

“When you think about it: it wasn’t a significant cyber issue, there was no nation state doing harm to us, there was no massive loss of data, there’s no compromise of a critical intelligence agency. But it resonates with the Australian public,” MacGibbon said.

“As painful as the night and the days that followed were. There are things we can learn from that, that will actually increase, even for the doubters, the trust and confidence in the way the government delivers services. Out of failure you can get success.”

Last night, in front of a Senate Estimates Committee in Canberra, head of the ABS David Kalisch said that the IT bungle would cost an extra $30 million to rectify.

Kalisch will be questioned further at the Senate inquiry next week.