The federal government's new $230m cybersecurity strategy will rally private and public-sector experts to put the country on a war footing against nation-state adversaries and those targeting Australian corporate interests, with a range of initiatives designed to formalise the country's evolving cybersecurity capabilities.
Announced by prime minister Malcolm Turnbull this morning, the four-year funding commitment – the long-awaited result of a six-month review of Australia's cybersecurity defences – will see more than 100 security experts brought onboard to increase company security education, coordinate cross-border cybersecurity efforts, and otherwise tackle what Turnbull called an “unprecedented” tide of “criminality, espionage, sabotage and unfair competition online.”
The strategy is aligned around five key themes: partnerships between governments, strong cyber defences, global responsibility and influence, growth and innovation, and a “cyber smart nation”.
Among the 33 initiatives outlined in the policy will be a realignment of the Australian Cyber Security Centre (ACSC), which was first announced and funded in a $1.46 billion initiative by prime minister Julia Gillard in January 2013.
Launched in late 2014 as the most concrete step by the government to formalise Australia's cybersecurity capabilities, the ACSC brought together cybersecurity experts from organisations including the Australian Crime Commission, Australian Federal Police, ASIO, the Australian Signals Directorate, and the Attorney General Department's Computer Emergency Response Team (CERT).
The new policy will expand the ACSC's capabilities outside of its current home in the new ASIO headquarters, encouraging easier collaboration between government and industry that will be anchored by a secure online threat-sharing network.
CSIRO-NICTA joint venture Data61 has been earmarked as a strategic partner in the development of cyber threat sharing sites – initially at Sydney's Australian Technology Park and Melbourne's Goods Shed, colocated with the Oxford Global Cyber Security Capacity Centre (GCSCC).
Other offices will be added nationwide and the strategy will see Academic Centres of Cyber Security Excellence established in universities.
“We will establish a network of nodes across Australia, establishing business opportunities for the cyber industry and strengthening ties for leadership and innovation,” Turnbull said in launching the policy. “In this area, more than so many others, collaboration is absolutely key.Read more: Reddit's removal of ‘warrant canary’ could hint at US demand for its user data
The more our best researchers can work together with customers, businesses and CIOs, the more that they interact and engage, the more innovation you will see. I want Australia to lead the world in cybersecurity and we have the brains and imagination to do so.”
Turnbull will also designate new staff including a Minister Assisting the Prime Minister on cyber security and appoint a special advisor on cyber security in the Department of the Prime Minister & Cabinet (DPMC) who will spearhead the government's cybersecurity policy.
The government will also engage the business and academic community to jointly develop a model for improving cybersecurity awareness and skills development.
The strategy, which together with funding announced in the new Defence White Paper boosts the government's total cybersecurity commitment to some $632m, will also include initiatives such as the development of voluntary health check guidelines tailored by business size and sector.
Some 5000 small businesses will receive funding to have their cybersecurity defences tested, Turnbull also announced. “We will jointly exercise our national response to be better prepared,” he said, noting the development of good-practice guidelines that “will complement the international standards already adopted by large companies.”
Read the full Cyber Security Strategy here.
- Australian execs less involved in security than APAC counterparts as business interruption surges: Telstra
- The week in security: Why scammers and extortionists love Australia; Apple cites US Constitution in FBI fight
- 8 in 10 ‘government approved’ health apps are insecure
- US CNAP sets pace as Australian industry continues “holding breath” for overdue cybersecurity policy
- "With government moving to cloud services ……understanding the security capabilities is important"
- Security experts, activists call on governments to reject ‘backdoor’ laws
- Gov't cybersecurity policy a good start but private-sector engagement is key: industry
- The week in security: Cybersecurity strategy enlists private sector; AI to complement human security intelligence
- Don't assume that government security is any better than yours
- ACS frames cybersecurity imperative as Victoria addresses ICT, security disasters