Labor wipes slate clean in overhaul of Scott Morrison’s cyber security strategy
The $1.7bn 10-year plan will be torn up under an overhaul to fight rising threats from state-based actors, criminal gangs.
Scott Morrison’s $1.7bn 10-year cyber security strategy will be torn up, under an Albanese government overhaul aimed at boosting sovereign capability and building a frontline cyber workforce to combat escalating threats from malicious state-based actors and criminal gangs.
Home Affairs Minister Clare O’Neil has ordered her department – as a top priority – to re-cast the strategy rushed out during the Covid-19 pandemic by the former prime minister in mid-2020.
The new strategy will focus on building closer links with Quad partners, the US, Japan and India, to accelerate the shift from reliance on China for critical technologies, amid concerns about Beijing’s global supply chain dominance.
Ms O’Neil, whose appointment as Cyber Security Minister in cabinet was a key election pledge by Anthony Albanese, said Australia’s next cyber security strategy would be a “whole-of-nation effort”.
“It will be grounded in sovereign capability, with a plan for the future workforce and growth of the cyber security sector, including Australian cyber SMEs,” Ms O’Neil said.
“It will build resiliency, with real engagement and industry alliances to deal with cyber shocks in an assured, not anxious way.”
Telstra chief executive Andy Penn, who chairs the government’s cyber industry advisory committee, will speak at the National Press Club next Tuesday to outline his long-term vision for strengthening Australia’s cyber security strategy.
The Australian Cyber Security Centre estimates that cyber crime costs the economy more than $33bn a year.
In response to rising cyber attacks emanating from China, Russia, eastern Europe, Iran and North Korea, the Morrison government announced a $9.9bn package in the March budget for the Australian Signals Directorate and the ACSC to hire more than 1900 staff. But with the $167bn tech sector reporting severe labour skills shortages and ASD leaking staff to the private sector, the Albanese government is considering how to rapidly grow the cyber workforce through new apprenticeships and re-skilling Australians.
The new strategy, which will involve industry-wide consultation, comes as security agencies monitor the deteriorating geostrategic environment, including an increasing risk of conflict.
The Australian understands the cyber threat environment has greatly worsened during the pandemic and since the 2020 strategy was released.
Malicious cyber activity has spiked following Russia’s invasion of Ukraine and Chinese military drills off Taiwan, where officials have reported cyber attacks on local networks.
Ms O’Neil said the cyber strategy would look ahead to “include the role of critical technologies, our partnerships through the Quad and international norms and standards”. “It will be truly strategic, in how it contributes to Australia’s economic growth and as part of our national security posture, including securing supply chains,” she said.
Despite significant reforms to Australia’s critical infrastructure coming into force recently – increasing the number of sectors that qualify from four to 11 – the Albanese government remains concerned about the risk of economic disruption and significant damage or disruption to essential services.
The ACSC received more than 67,500 cybercrime reports in the last financial year, or one incident every eight minutes, from governments, large companies, critical infrastructure operators, small businesses, families and individuals. Cyber attacks targeting essential service providers and nationally significant sites increased by 15 per cent, with 25 per cent of all reported incidents involving critical infrastructure companies, including those in the health, care and food-distribution sectors. There has also been an uptick in severity, with 50 per cent of all cyber incidents categorised as “significant”.
The Australian understands Home Affairs officials and the cyber security industry were surprised by Mr Morrison’s premature release of the strategy, which some felt inadequately addressed long-term structural issues that must be overcome to build a modern cyber workforce.
When Mr Morrison released his cyber security strategy in August 2020, he said state-based actors, understood to be Chinese-sponsored, were launching mass attacks on Australia’s critical infrastructure operators and government agencies.
The 2020 strategy said Australia must use both “offensive and defensive” tactics to thwart threats from nation states and state-sponsored actors seeking to compromise networks to obtain economic, policy, legal, defence and security information “for their advantage”.
The new cyber security strategy incorporates a range of Labor’s election policies, which focus on tougher penalties for cyber criminals and protecting Australians from scams and online fraud. Ahead of the May 21 election, the Albanese government committed to establishing a UK-style national anti-scam centre bringing together security agencies, banks, telecommunications providers and consumer advocates to harden national defences. Other policies included more funding and support for Australians to retrieve stolen identification quicker and tougher industry codes for service providers to define clearly responsibilities for protecting consumers and businesses online.
Labor will also consider stronger penalties for online fraudsters and those engaging in misleading conduct and deceptive practices.
The Albanese government is expected to build on measures in the 2020 strategy, including a greater focus on educating children in cyber security across all school ages and improving pathways for young Australians to enter the cyber workforce.
With tech and cyber industries offering well-paid jobs, many of which are going unfilled, the government is expected to boost training for older workers, allowing them to re-skill and change professions.
More Coverage
‘We have leadership role on climate change’
Anthony Albanese says Australia is playing a ‘leadership role’ in preparing the Pacific for climate change as he arrived in Samoa for a meeting of Commonwealth leaders.
Middle East ceasefire would help my CPI war: Chalmers
Jim Chalmers will make an economic case for a ceasefire in the Middle East and open a new front in Labor’s push to end conflict in the region, warning the ‘global middle class’ will be hurt.