The DISP program ensures the Department of Defence acquires goods and services from a security-vetted supply chain.
Membership means Macquarie can now submit tenders across its government, cloud, telecommunications and data centre services and products. It claims to be the first sovereign member of DISP to supply this range of services.
"From a data perspective alone, Defence has worldwide operations and deals with all levels of data classification," said Macquarie Government managing director Aidan Tudehope.
|
|
"The ability to provide an all-sovereign range of services, personnel and facilities gives us a unique ability to bring together and secure the entire supply chain, providing a safe harbour for Defence data during increasingly uncertain times."
DISP members undergo continuous assessment to ensure standards are maintained.
Tudehope pointed out that the Australian Signals Directorate's certified cloud services list (CCSL) comes to an end next month, and that programs such as the Information Security Registered Assessors Program are limited to providing a point-in-time validation of a supplier's security.
"Many agencies are large enough to have a qualified security team and/or a CISO, but many are not," said Tudehope. "Without the guiding hand of the CCSL, smaller agencies in particular will become increasingly reliant on independent assessments and validation of cloud service providers to make informed decisions and keep the whole of Government secure.
"There's a certification gap forming as CCSL ends and we await expansion to IRAP's existing functions. Agencies need to take into account other accreditations such as DISP to make informed decisions, particularly at a time when they're so dependent on cloud services and cyber security is high on the national agenda."
