August 20, 2022
Opposition cyber security spokesman James Paterson is calling on the Albanese government to provide urgent detail on its new cyber security strategy amid concern uncertainty between policies could leave Australia vulnerable to attacks.
The calls follow Labor’s plan to tear up the former government’s $1.7bn 10-year cyber security strategy under a complete overhaul revealed by The Australian on Friday.
Home Affairs Minister Clare O’Neil has ordered her department to recast the strategy aimed at boosting sovereign capability and building a frontline cyber workforce to combat escalating threats from malicious state-based actors and criminal gangs.
It will focus on building closer links with Quad partners the US, Japan and India to accelerate the shift from reliance on China for critical technologies, amid concerns about Beijing’s global supply chain dominance.
Senator Paterson said industry stakeholders were concerned about which parts of the former strategy it would scrap, arguing that companies had made significant efforts to protect themselves, including implementing risk management programs and mandatory reporting requirements for critical infrastructure.
“What I am concerned about is that the government has said they are scrapping the strategy but they have not been clear about which part,” Senator Paterson told The Weekend Australian. “They need to urgently tell people what they are going to do because they’ve created enormous concern across industry.
“I’ve had stakeholders worried today about what it means – it’s already caused some real surprise and alarm.”
Senator Paterson said the drafting and eventual implementation of a new cyber strategy could take months, and Australia could be left vulnerable amid an increased strategic threat from China.
“It is going to be very hard to meet the challenges we face from criminal ransomware gangs to hostile authoritarian nations,” he said. “We need everyone firing at all cylinders, including industry, partners and government working together … anything that causes uncertainty is of great concern.”
Australian Strategic Policy Institute cyber policy director Fergus Hanson said Labor’s new plan should ensure all funding spent was linked to measurable outcomes to ensure investments had a tangible impact.
He said the current policy also needed to include measurable outcomes. “What’s missing is efforts to measure whether we are going forward or backwards, and to get a sense of whether the security ecosystem is getting better or worse. The UK offers an early example we could look at where they have tried to measure their impact and we should look at that approach.”
Amid a domestic shortage of nearly 20,000 cyber security experts, Mr Hanson said some funding should be directed to find pathways to train Australian workers and import labour from overseas.
A spokeswoman for CyberCX, Australia’s largest cyber security firm, said Labor’s new plan must build on “much-needed” progress enacted in recent years, particularly the former government’s critical infrastructure reforms.
“The acute cyber skills shortage is a large and growing challenge and … closer and deeper partnerships between industry and government are needed to close the gap,” she said.
