Inbox.News digital newspaper topper logo
1 year ago
A new report from the federally funded Cyber Security Cooperative Research Centre has warned that the ‘ad hoc’ cyber resilience of Australian small businesses was creating a ‘widening cyber security divide’ with bigger, more capable businesses – but the Morrison Government is still missing in action.

The new report found that small businesses were often compromising basic cyber hygiene measures as they have sought to enable staff to work from home during the COVID-19 pandemic. These vulnerabilities then create risks for the other organisations they interact with.
As Rachael Falk, the CEO of the Cyber Security Cooperative Research Centre, told the Australian Financial Review:

"Smaller companies play a key role in the Australian business community so it is important that they remain a focus when it comes to developing solutions and policies to help them effectively manage (cyber security) risk. Management of cyber security risks and how they are mitigated should always remain the responsibility of independent organisations. However, as noted in the report, there is an opportunity for government to continue to assist and provide guidance to businesses."

Despite this important role for government, Australia’s 2016 Cyber Security Strategy reached the end of its four year life more than a month ago. The Morrison Government’s consultations on a new strategy began nine months ago but a new strategy has still not been released. 

Most strikingly, the Australian Cyber Security Centre’s Small Business Survey, which would provide a baseline for understanding the cyber security posture of Australian small business was commissioned 11 months ago - but the Morrison Government still hasn’t released the results. That’s nearly a year of inaction on small business cyber security policy development.

As today’s CRC report highlights, Australian small businesses have been confronted by a wave of new cyber security threats during the COVID-19 pandemic as employees adjust to working from home and cyber criminals seek to exploit health and economic fears to trick their targets.

But once again, cyber security policy has fallen to the bottom of Peter Dutton’s to-do list.

In contrast, Labor has released a discussion paper examining the new cyber security policies Australia needs to confront these challenges; “National Cyber Resilience: Is Australia Prepared for a Computer Covid-19?”.

Labor’s discussion paper examines Australia’s current vulnerabilities and examines new ideas that could lift the baseline of Australia’s cyber security including:
  • An Active Cyber Defence program modelled on that deployed by the United Kingdom National Cyber Security Centre — a framework of automated, scalable interventions to tackle the most common cyber threats and make the Australian internet safer for everyone to use.
  • A Cyber Civilian Corps — an organization that engages volunteers in public interest cyber security tasks in their own community like education and outreach, testing and assessment as well as providing additional surge capacity in moments of crisis.

Communications and the Arts