Prime Minister Malcolm Turnbull has revealed the Australian government’s national cybersecurity strategy - with 33 initiatives totalling $231 million.
The program aims to foster better cybersecurity practices among businesses, as well as the government’s own practices.
"As your Prime Minister, my highest duty, and that of my government, is to keep Australians safe,” said Turnbull. “It is no different in cyberspace. Australians expect the government to protect them from cyber-attack and defend our country against sophisticated national security threats.”
Turnbull said the estimated cost of cybercrime in Australia is over $1 billion in direct costs, but some estimates said the long-term costs could be as high as $17 billion a year.
“Our cyber security strategy answers the call for national leadership. And it understands that Australia’s economic security is always placed at risk without strong national security.”
The plan includes the creation of approximately 100 new specialist jobs, and even more funds to promote science, technology, engineering and mathematics (STEM) skills in schools.
Other government initiatives include:
- $36 million over five years to improve Australia’s international innovation and science collaboration
- $30 million cybersecurity growth centre to promote collaboration and to help develop Australia’s cybersecurity industry.
- Children’s eSafety commissioner and former Dimension Data general manager Alastair MacGibbon will become the prime minister’s special advisor on cybersecurity.
CRN spoke to a number of Australian channel security providers to gauge their thoughts on the government’s initiatives.
Like most security professionals, SecureWare managing director Adam Barker was happy to see cybersecurity at the forefront of the national agenda.
“It’s fantastic there there’s a focus on cybersecurity, and I think Turnbull’s had a big play in that,” said Barker. “Everyone will be talking about Australia’s offensive capabilities, but I don’t think anyone ever believed we didn’t have them.”
“What I liked seeing was that there is a focus on business. It used to be just government, but this is leaning towards both business and government.”
As a South Australian native, Barker said he hopes the government’s $39 million Australian Cyber Security Centre will be built in Adelaide. The centre is aimed at facilitating more collaboration between the government and the private sector.
“We need the centre to focus on enterprise, not just business and government, so I’m looking forward to seeing where it is,” said Barker.
Sententia’s Tony Vizza also welcomed the announcement, praising the government’s commitment to STEM skills.
“Being dedicated to cybersecurity is always welcome. There’s no doubt in my mind we have problems in how much we spend on it,” said Vizza.
“Sitting through the [Australian Cyber Security Centre Summit] last week and hearing the research seemed to suggest we’re behind the rest of the world. Our academic engagement is quite poor, and anything that remediates that is very welcome.”
However, Vizza raised the point that the government’s strategy could come undone after the upcoming federal election on 2 July.
“There’s been a lot of noise over the last six months about this, so I’m concerned about how much of it is noise and how much is just confusing businesses with what to do.”
“It would be a good step forward if we could get this passed, but it might not be if there’s a change in government. We could be back to square one, but we’ll have to see what [Bill] Shorten brings to the table.”
Melbourne asset security management specialist IPSec focuses on security for mid-market firms. Director of operations Ben Robson was concerned that there was not enough focus on securing mid-market players.
“There is a lot of emphasis on scale operations and security of individual businesses,” said Robson. “Initiatives have always been focused on banks, education providers or individuals, but there is little leadership from the government that covers mid-tier firms.”
While the government pledged $15 million to provide grants to small businesses to improve their cybersecurity, Robson thinks there may have been an oversight.
“These organisations hold confidential information and intellectual property the same way as the big guys do but they don’t have the same budget.”
Robson was also wary of how the government plans to recruit new cybersecurity professionals to handle the government’s initiatives. The government has pledged and additional $48 million to promote STEM skills in schools. However, this does not address the immediate concerns that cybersecurity presents.
“If they’re going to be hiring 100 new jobs, where is that going to come from?” said Robson.
“Are they going to pull from existing professionals? If STEM is their plan, it’s fantastic to foster more talent, but if it’s not then where are they getting resources and over what time table? This is not an over-resourced sector.”