3 years ago
AUSTRALIA’S CYBER SECURITY STRATEGY
TIM WATTS MP
It is now more than a month since the Morrison Government’s 2016 Cyber Security Strategy reached the end of its life – but the promised 2020 Cyber Security Strategy is still nowhere to be seen.
While Australians face a tidal wave of COVID-19 themed cyber crime and major Australian companies like Toll and Bluescope Steel have become the latest victims of a worldwide surge of ransomware attacks, Peter Dutton is missing in action.
Once again cyber security has fallen to the bottom of Peter Dutton’s To Do list.
Peter Dutton released a ‘Call for Views’ document on the Cyber Security Strategy on 5 September 2019 – nine months ago.
Initial consultations for the 2020 Cyber Security Strategy concluded on 1 November 2019 – seven months ago.
The ACSC Small Business Survey was commissioned on 17 June 2019 – 11 months ago – but we still haven’t seen the results.
Cyber Security policy is getting less attention from Peter Dutton than the Ruby Princess.
The major failing in Australian cyber security over the life of the current strategy has been an absence of political leadership and accountability from the federal government.
Since Scott Morrison took over as PM, cyber security policy has been politically orphaned.
The 2016 strategy promised:
While Australians face a tidal wave of COVID-19 themed cyber crime and major Australian companies like Toll and Bluescope Steel have become the latest victims of a worldwide surge of ransomware attacks, Peter Dutton is missing in action.
Once again cyber security has fallen to the bottom of Peter Dutton’s To Do list.
Peter Dutton released a ‘Call for Views’ document on the Cyber Security Strategy on 5 September 2019 – nine months ago.
Initial consultations for the 2020 Cyber Security Strategy concluded on 1 November 2019 – seven months ago.
The ACSC Small Business Survey was commissioned on 17 June 2019 – 11 months ago – but we still haven’t seen the results.
Cyber Security policy is getting less attention from Peter Dutton than the Ruby Princess.
The major failing in Australian cyber security over the life of the current strategy has been an absence of political leadership and accountability from the federal government.
Since Scott Morrison took over as PM, cyber security policy has been politically orphaned.
The 2016 strategy promised:
- A Minister Assisting the Prime Minister on Cyber Security: yet when Scott Morrison became Prime Minister, this position disappeared.
- Annual updates reporting on implementation progress: a first annual update was published in 2017, but none have been published since.
- Annual cyber security leaders’ meetings: Malcolm Turnbull met with public and private sector leaders in 2017, but no meetings have been held since.
The result has been policy drift. As the cyber threats facing Australians have changed and grown, the Morrison Government has offered no political leadership.
While the Morrison Government dithers, Labor has been leading the conversation on the new Cyber Security policies Australia needs in a radically changed world, through the release of a Discussion Paper, “National Cyber Resilience: Is Australia Prepared for a Computer Covid-19?”.
Labor’s discussion paper examines Australia’s current vulnerabilities and examines new ideas that could lift the baseline of Australia’s cyber security including:
While the Morrison Government dithers, Labor has been leading the conversation on the new Cyber Security policies Australia needs in a radically changed world, through the release of a Discussion Paper, “National Cyber Resilience: Is Australia Prepared for a Computer Covid-19?”.
Labor’s discussion paper examines Australia’s current vulnerabilities and examines new ideas that could lift the baseline of Australia’s cyber security including:
- An Active Cyber Defence program modelled on that deployed by the United Kingdom National Cyber Security Centre — a framework of automated, scalable interventions to tackle the most common cyber threats and make the Australian internet safer for everyone to use.
- A Cyber Civilian Corps – an organization that engages volunteers in public interest cyber security tasks in their own community like education and outreach, testing and assessment as well as providing additional surge capacity in moments of crisis.