Australia’s $9.9bn cyber army activated

Cyber security agencies are on track to recruit up to 1900 new staff under the REDSPICE program, as the ASD reports a lower workforce churn amid a surge in cyber defence activity.

Geoff ChambersCHIEF POLITICAL CORRESPONDENT

@Chambersgc

2 min read

6:46PMMarch 13, 2024

Australian Cyber Security Centre head Abigail Bradshaw at the Australian Signals Directorate headquarters in Canberra. Picture: Gary Ramage/NCA NewsWire

Cyber security agencies are on track to recruit up to 1900 new staff under the $9.9bn REDSPICE program, as the Australian Signals Directorate reports a lower workforce churn amid a surge in cyber defence activity.

Australian Cyber Security Centre head Abigail Bradshaw said the ASD was “doing brilliantly” in progressing the 10-year plan to double the country’s cyber army, as global threats posed by criminal gangs and Chinese, Russian and Iranian state-based actors intensify.

Under the REDSPICE program, ASD will triple its offensive cyber capability, double cyber hunt activities, invest in advanced AI, machine learning and cloud technology, quadruple its global footprint and locate 40 per cent of staff outside Canberra.

After releasing Labor’s cyber security strategy in November last year, Home Affairs Minister Clare O’Neil said the government remained fully committed to the Morrison government’s record ASD investment announced in the March 2022 budget.

Ms Bradshaw told The Australian “we have met and in some instances exceeded the recruitment targets that we set for the REDSPICE transformation program and our separation rate is dropping and is lower than I’ve seen it in the past”.

“ASD has a strong brand for technical competence and I think it’s important for young people to join an entity with good brand resonance but also one which is crystal clear on its mission,” Ms Bradshaw said.

“Most of them will have a natural and strong affiliation for our national security mission. We have the benefit of a great internal training regime which leverages large components of commercially available training and we integrate that with unique capabilities and powers that you could only exercise legally inside ASD.”

The ASD recruitment drive comes amid unprecedented global competition for talent, efforts to streamline security clearance processes and headhunting by private sector firms.

US Cybersecurity & Infrastructure Security Agency executive director Brandon Wales said movement of people between government and the private sector should be embraced.

“Having people who have worked on both sides is a tremendous advantage, and one of the strengths of the West is our vibrant cyber security industry, which has developed over the past two decades,” he said.

“We’ve also had tremendous success in people coming back in mid-career, after they’ve spent some time in industry, wanting to get back into the mission or joining the mission for the first time because we’re not never going to compete on salary but the mission of organisations like CISA and ASD you can’t get any place else.”

US, British and Australian security agencies are also exchanging personnel, with key staff embedded across countries to enhance co-operation.

Mr Wales said the US-led international counter ransomware taskforce, which involves more than 50 countries, is working to improve information sharing across threat indicators, malware and tracking ransomware gang cryptocurrency funding streams.

“The number of different lines of effort the taskforce has embarked upon are designed to improve the ability for all of the countries that are facing the same ransomware challenges to benefit from the expertise of lessons learnt from the (others),” he said.

“There’s a tremendous amount of work to do to disrupt the ecosystem and have the kind of impact we need, given what ransomware crews are bringing to the table.”

Ms Bradshaw said the counter ransomware push, which extends beyond the Five Eyes nations, is a “call to arms” for nations to share threat information and take action at a domestic level.