Australia first in three of four assessment criteria – critical infrastructure, organisational capacity and, importantly, policy commitment.

Australian Minister for Home Affairs Clare O’Neil delivered a speech on cybersecurity in Canberra on March 23, 2023.

She began by honouring the Ngunnawal and Ngambri people of Canberra and acknowledging the Indigenous Australians present at the event. O’Neil then thanked the Australian Information Security Association and other distinguished guests for their passion and energy in stepping up to challenges presented by cybersecurity.

O’Neil stated that she wants Australia to be the most cyber-secure nation and a cybersecurity superpower by 2030. She revealed that Australia has been ranked first on the Cyber Defence Index by MIT, among countries showing the greatest progress and commitment to enhancing cybersecurity. The Minister credited everyone in the sector for this achievement.

O’Neil went on to discuss the Optus and Medibank data breaches, which occurred four months into her role, stating that they were the two biggest cyber incidents in Australian history. She said that these breaches woke the country up from the cyber slumber, and no matter what is done, no country can reduce cyber risk to zero. She added that part of being a strong Australia is getting up quickly when an attack is experienced.

In response to these breaches, O’Neil announced that Prime Minister Albanese had created a new National Coordinator for Cyber Security, supported by a National Office for Cyber Security. The coordinator’s role is to lead on developing and maintaining a capability that is not only looking outwards to promote cyber resilience across business, critical infrastructure, and civil society but also looking inwards to protect and secure the cyber infrastructure underpinning the successful delivery of government services and programs.

The Minister stated that the coordinator will be supported by the National Office for Cyber Security, a function housed in her department, and the office will work closely with other arms of the Home Affairs Portfolio and the National Security Community.

O’Neil also revealed that the Australian Government will release its new national cybersecurity strategy, outlining what needs to be done in government, business, and the community to bring the security of Australia’s digital economy up to where it needs to be, later this year. The strategy will be out by 2030.

The Expert Advisory Board, led by former Telstra CEO Andy Penn and including cybersecurity and telco expert Rachael Falk and former Chief of Air Force Mel Hupfeld, will help the government develop the new Cyber Security Strategy. Andrews said that the Advisory Board and officers from her Department of Home Affairs have conducted 11 roundtables with industry partners across multiple sectors, including small and medium businesses, legal, technology, domestic industry, insurance, and transport.

During the stakeholder consultation, the government heard that the development of Australia’s cyber capabilities relies on meeting its needs for skilled cyber professionals, and businesses do not feel that their cybersecurity obligations are clear or easy enough to follow. Furthermore, there is an opportunity to better align responsibilities across industry so that cyber risks are managed by those best-placed to do so.

O’Neil mentioned that the initiatives she is considering for the new cybersecurity strategy include creating a legislative framework to shift cybersecurity risks away from vulnerable community members towards those best placed to manage it, supporting Australian businesses, including small businesses, to enhance their cybersecurity, and driving businesses to understand that cybersecurity and trust is a competitive advantage.

The minister also revealed that the government will ensure that Australia is building a future workforce of skilled cybersecurity professionals to contribute to the country’s national cybersecurity, both in the private sector and in government. Additionally, the government will raise the costs of the cybercrime business model and support Australians facing complex cyber threats.

Finally, O’Neil said that critical infrastructure networks are being targeted by a range of malicious cyber actors, including criminal and state-backed actors in some instances. She said that the types of cyber threats and consequences from attacks are rapidly evolving, and the government must keep pace with the evolving threats.

Tags: AustraliaCybersecurity