Australian Government Launches Comprehensive Cybersecurity Strategy to Protect National Economy
Posted: Wednesday, Nov 29
  • KBI.Media
  • $
  • Australian Government Launches Comprehensive Cybersecurity Strategy to Protect National Economy
Karissa Breen, crowned a LinkedIn โ€˜Top Voice in Technologyโ€™, is more commonly known as KB. A serial Entrepreneur that Co-Founded the TMFE Group, a holding company and consortium of several businesses all relating to cybersecurity including, an industry-leading media platform, a marketing agency, a content production studio, and the executive headhunting firm, MercSec. KBI.Media is an independent and agnostic global cyber security media company led by KB at the helm of the journalism division. As a Cybersecurity Investigative Journalist, KB hosts her flagship podcast, KBKast, interviewing cybersecurity practitioners around the globe on security and the problems business executives face. It has been downloaded in 65 countries with more than 300K downloads globally, influencing billions in cyber budgets. KB asks hard questions and gets real answers from her guests, providing a unique, uncoloured position on the always evolving landscape of cybersecurity. As a Producer and Host of the streaming show, 2Fa.tv, she sits down with experts to demystify the world of cybersecurity and provide genuine insight to businesses executives on the downstream impacts cybersecurity advancement and events have on our wider world.

i 3 Table of Contents

Australian Government Launches Comprehensive Cybersecurity Strategy to Protect National Economy

The Australian government has recently unveiled a new cybersecurity strategy designed to bolster the nation’s cyber capabilities and protect the economy and its citizens from cyber threats. The policy, led by Minister Clare O’Neil, seeks to make Australian entities harder targets, and to enable faster recovery from cyber attacks.

The government aims for Australia to become a world leader in cyber security by 2030, outlining specific goals for different time periods within the next decade. Close collaboration between the government and industry is emphasised for successful implementation. The Australian Government is allocating $587 million for the strategy, with a declared focus on supporting small businesses, raising public awareness, fighting cybercrime, and strengthening identity security. Additionally, investments will be made in critical infrastructure defence, establishing consumer standards for smart devices, and building a dedicated threat-sharing platform for the health sector.

The strategy has been met with a positive response from industry groups and small business organisations, who see it as a significant step towards enhancing cybersecurity measures.

Chris Sharp, CEO at Pax8 APAC responded,

โ€œThereโ€™s a path in Australiaโ€™s cyber security opportunity where the little guys arenโ€™t left out, but the advice to market โ€“ particularly to SMBs โ€“ needs to be polished.โ€ He went on to say, โ€œThe Governmentโ€™s โ€œhealth checkโ€ program announcement is a valiant effort โ€“ the true test will be how it goes about educating the right people across an extremely diverse SMB landscape. โ€˜Concierge-styleโ€™ support only goes so far, particularly if it doesnโ€™t know where to go, and businesses donโ€™t understand why to seek it out.โ€

 

Boosting Cyber Resilience for Small Businesses

Recognising the vulnerability of small and medium-sized businesses (SMBs) to cyber incidents, the government has injected $11million as part of the program to assist SMBs in enhancing their cyber resilience. The Small Business Cyber Resilient Service aims to provide step-by-step assistance to SMBs in the aftermath of a cyber attack, cushioning them from the worst of the financial and reputational damage that stems from such attacks. Additionally, the government has introduced a voluntary cyber health check program for businesses to self-assess their cybersecurity maturity.

The boost for SMBs was welcome by many in the industry, including Tim Hartman, Head of Solution Architecture, Australia & New Zealand, Infoblox who said,

“We welcome the Governmentโ€™s 2023-2030 Cyber Security Strategy and particularly its focus on real-time threat intelligence sharing, working in partnership with our neighbours, and raising all organisationsโ€™ and peopleโ€™s cyber security posture to make the whole stronger than the sum of its parts.โ€

โ€œWhile thereโ€™s a journey to go to become the most secure nation in the world in seven years, there are some important quick wins organisations ranging from SMEs โ€“ which will have the benefit of the new cyber โ€˜health checksโ€™ the Government has announced โ€“ to major enterprises and government agencies.โ€

 

Pax8 APAC CEO, Sharp, expanded,

โ€œThe problem is SMBs donโ€™t know how to start conversations, nor who to turn to. Working alone makes the cost of cyber security defences untenable, but it doesnโ€™t have to be this way. Your local florist, corner store, or even the grassroots neighbourhood start-up can contribute to building Australiaโ€™s resilience; they need the education to know why and how to be government compliant, fight increasing cyber insurance premium costs, and protect their customersโ€™ PII data.โ€

 

Protecting SMBs from Cyber Threats

Recent government reforms to privacy laws aim to protect SMBs from becoming attractive targets for cyber criminals. By implementing mandatory reporting obligations for ransomware attacks and creating a single online reporting portal, businesses can now navigate their obligations more effectively. The Council of Small Business Organisations has welcomed these measures, considering cyber risk as a significant concern for the small business sector, which reportedly loses $2 billion annually.

Aidan Tudehope, Managing Director, Macquarie Government, said protecting SMEs was a critical element of the strategy as it would bolster the nationโ€™s cyber posture more broadly.

โ€œSMEs are currently exempt from Australian privacy laws and many data protection, deletion, and governance requirements. But they make up about 95% of all organisations in Australia, and many are part of Government and critical infrastructure supply chains, sharing data and digitally interacting with entities crucial to the nationโ€™s economy and national resilience,โ€ Tudehope said. โ€œOrganisations with an immature understanding of cyber and privacy measures could be inadvertently creating risk for other, potentially more critical organisations, and we strongly welcome the Governmentโ€™s targeted support to help SMEs achieve new levels of cyber security and sophistication.โ€

Scott Magill, Managing Director, Rubrik A/NZ also welcomed the strategy but said he would like to see the ransomware reporting obligations combined with a stronger push to improve cyber resilience.

โ€œGaining greater visibility into the ransoms demanded and paid by Australian businesses seems like a step in the right direction, but in isolation will do little to actually protect Australian data,โ€ he said. โ€œIf itโ€™s to stop the flow of money to cyber criminals by implementing a punitive โ€˜big stickโ€™ to fine those who pay a ransom, then it is a misguided approach.โ€

Magil went on to say, โ€œIf itโ€™s to gain greater visibility into the scale of the problem, it is only half the solution. We need to think about the outcome weโ€™re striving to achieve and work backwards to get to the solution. In a perfect world, organisations arenโ€™t paying ransoms because they donโ€™t need to. With that in mind, I would urge the Government to consider supporting organisations to adopt an โ€˜assumed breach mindsetโ€™. This involves understanding attackers will eventually be successful and preparing ahead of time to keep the most critical and sensitive data safe โ€“ backups are central to this approach.โ€

The 6 Shields Approach

The new cybersecurity strategy is underpinned by the concept of the so called ‘6 Shields’, with strong businesses and citizens serving as key components of each shield.

  1. Strong businesses and citizens
  2. Safe technology
  3. World-class threat sharing and blocking
  4. Protected critical infrastructure
  5. Sovereign capabilities
  6. Resilient region and global leadership.

This comprehensive approach emphasises the importance of collaboration between businesses, citizens, and the government in creating a robust cybersecurity environment.

Anthony Stitt, Regional Senior Director, Nozomi Networks was particularly positive about the more proactive stance being taken by the government, along with the aim of enhancing Australiaโ€™s offensive capabilities.

โ€œThereโ€™s always something an attacked organisation could have done to remain protected, but we canโ€™t forget that cybercrime is crime. Greater involvement and offensive capabilities from law enforcement will help to change that mindset, and itโ€™s great that is a priority from Government through the 2023-2030 Cyber Security Strategy.โ€ ย 

The launch of Australia’s new cybersecurity strategy marks a significant milestone in the country’s efforts to protect its national economy and community from cyber threats. With support from industry groups and small business organisations, the strategy aims to uplift national cyber capabilities, enhance the resilience of small businesses, and protect them from cyber incidents.

The government’s commitment to collaboration and the involvement of expert advisory board members further reinforces the comprehensive and inclusive nature of the strategy. As Australia strengthens its cybersecurity defences, the hope is to elevate the nation’s position to global best practice standards, and I for one, support this effort in the right direction of helping ensure a safer digital landscape for all our citizens.

Share This