Modern Australian
The Times

Australia is vulnerable to a catastrophic cyber attack, but the Coalition has a poor cyber security track record

  • Written by Greg Austin, Professor UNSW Canberra Cyber, UNSW

This article is part of a series examining the Coalition government’s record on key issues while in power and what Labor is promising if it wins the 2019 federal election.

The government’s chief cyber security coordinator, Alastair McGibbon, told an audience of specialists in November 2018 that the prospect of a catastrophic cyber incident is:

the greatest existential threat we face as a society today.

Using a nautical metaphor, he said such an event was not far off on the horizon, but could be on the next wave. He cited what one technology expert called the most devastating cyber attack in history, the NotPetya attack in 2017. NotPetya was a random attack on a single day that cost one Danish global company more than A$400 million dollars.

The latest dire warning from the government is appropriate, yet its policy responses have not quite matched the challenge – or their own commitments.

Read more: Should cyber officials be required to tell victims of cyber crimes they've been hacked?

Cyber security is everyone’s business

The government is 16 months into a departmental reorganisation in order to deliver better cyber security responses, especially through the new Home Affairs Department. That department has been very busy with everyday skirmishes in the escalating confrontations of cyberspace – from Huawei and 5G policy, to foreign cyber attacks on Australian members of parliament.

But Home Affairs is not the only department with a broad responsibility in cyber security policy. On the military side, the Defence Organisation has moved decisively and with discipline. In 2017, it announced the creation of a 1,000-strong joint cyber unit to be in place within a decade. It also announced increased funding to expand the number of people working in civilian defence roles on cyber operations.

Another department with potentially heavy responsibilities is the Department of Education, working with universities, the TAFE sector and schools. Unfortunately, it appears to be missing in action when it comes to cyber security.

Key plans have stalled

In April 2016, Prime Minister Turnbull released a National Cyber Security Strategy. It included commitments to grow the cyber workforce (especially for women), expand the cyber security industry and undertake annual reviews of the strategy itself.

But in key places the ambitious plans appear to have stalled or fallen short. As a result of the Turnbull overthrow, the post of Minister for Cyber Security – which was only created two years previously – disappeared. The 2018 annual review of the strategy was not released, if it took place at all. The annual threat report of the Australian Centre for Cyber Security (ACSC) did not appear in 2018 either.

In November 2018, AustCyber, an industry growth centre that is one good outcome of the 2016 strategy, published its second Sector Competitiveness Plan. Typical of government funded agencies, it reports much good news. Australia is indeed an international powerhouse of cyber security capability. What is unclear from the report is whether the government’s 2016 strategy has much to do with that.

Read more: Why international law is failing to keep pace with technology in preventing cyber attacks

Where we’re falling short

One indicator that we’re off-track is the fact the AustCyber report of 2018 has no data on the participation of women in the sector after 2016. Reports from the decade prior to 2016 showed a decline from 22% down to 19%, but the government does not appear to be tracking this important commitment after it was made.

In other bad news, the AustCyber report concludes that the education and workforce goals remain unfulfilled. It is hard to estimate how badly, since the initial strategy of April 2016 set no baselines or metrics. AustCyber now assesses that:

the skills shortage in Australia’s cyber security sector is more severe than initially estimated and is already producing real economic costs.

On the government’s commitment to increase the cyber workforce, AustCyber reports growth over the previous two years of 7% – roughly 3.5% per year. But it probably needs to be of the order of 10% per year for a full ten years if the gap identified by the report is to be met:

The latest assessment indicates Australia may need up to 17,600 additional cyber security workers by 2026 …

The government has provided $1.9 million over four years to promote university cyber security education in two Australian universities. That amount is so small it might not even be called a drop in the ocean. As AustCyber suggests, though in muted language, Australia does have huge resourcing holes in our cyber security education capability.

The most important gap in my view is the near total lack of university degree programs or professional education in advanced cyber operations, the near total lack of technical education facilities to support such programs, such as advanced cyber ranges, and a weakly developed national capability for complex cyber exercises.

What we should be doing

In 2018, I argued at a national conference sponsored by the government that Australia needs a national cyber war college, and a cyber civil reserve force, to drive our human capital development. I suggested at the time the college should be set up with a budget of A$100 million per year. Based on a recent international research workshop at UNSW Canberra, I have changed my estimate of cost and process.

Australia needs a cyber security education fund with an initial investment of around A$1 billion to support a new national cyber college. It should be networked around the entire country, and independent of control by any existing education institutions, but drawing on their expertise and that of the private sector.

It would serve as the battery of the nation for cyber security education of the future.

Read more: The public has a vital role to play in preventing future cyber attacks

Labor isn’t offering a better alternative

The Labor Party, through its cyber spokesperson Gai Brodtmann, has been critical of the government’s failure to fill the gaps. But she is retiring from the House of Representatives at the next election.

Labor has no well developed policies, and no budget commitments, that can address the gaps. There is even reason to believe the party doesn’t have a front bench that is engaged with the scope of the challenge. None of them seem to be as technologically oriented as Turnbull, the last cyber champion the Australian parliament may see for a while.

Authors: Greg Austin, Professor UNSW Canberra Cyber, UNSW

Read more http://theconversation.com/australia-is-vulnerable-to-a-catastrophic-cyber-attack-but-the-coalition-has-a-poor-cyber-security-track-record-113470

10 Benefits of Choosing Professional Tutoring Penrith Services

Every student has unique learning strengths, challenges, and academic goals. While classroom teaching provides essential knowledge and structure, so...

Sunshine Coast Baby Classes Prove Big Hit Among First-Time Mums

There's a movement gaining traction on the Sunshine Coast, providing a village of support, socialisation and relief for first-time mothers and babie...

Father's Day Gift Ideas for Men Who Are Hard to Buy For

Some dads are easy to buy for. Others do not want anything, already have everything, or give you the classic "don't worry about me" answer every yea...

Top 5 Mistakes That Wear Out Your Brakes Faster

Brakes don't need frequent replacements like oil changes do.   But a lot of the wear happens quietly, over months, because of habits most drivers...

Plantation Shutters vs Curtains: Which Is Better for Your New Home?

Moving into a new home is an exciting opportunity to personalise your space and make it your own. While many homeowners focus on furniture, flooring...

Celebration of Life vs Traditional Funeral: What's the Difference?

When saying goodbye to someone you love, there is no single way to honour their life. Every family has different traditions, beliefs, and preference...

Building Approval for Roofing Projects: What Homeowners Need to Know

Roofing projects are an important part of maintaining and protecting your home. Whether you're repairing storm damage, replacing an ageing roof, or ...

Chatswood Tutoring And Its Role In Academic Achievement

Academic success often requires more than classroom attendance alone. Students face increasing expectations as they progress through school, particu...

Why Laser Hair Removal Treatments Continue Growing In Popularity

Managing unwanted hair can become time-consuming and frustrating for many people, especially when shaving, waxing, and other temporary methods requi...

Choosing the Right Devices for a Flexible Workplace

For IT leaders managing large fleets, the device layer is where workforce productivity and security policy meet. The shift towards flexible and hybrid...

How Business Advisory Services Help Companies Achieve Sustainable Growth

Every business owner aims to build a profitable and sustainable organisation. While dedication, innovation, and hard work are important, achieving l...

Why Body Contouring Has Become A Popular Cosmetic Treatment

Many people maintain healthy lifestyles through regular exercise and balanced eating habits but still struggle with stubborn areas of fat that are d...

How to Choose the Right POS Hardware for Your Business in Australia

A lot of Australian business owners spend weeks researching POS software but buy hardware almost as an afterthought. That's a mistake. The wrong har...

Why Material Handling Hose Is Critical for Industrial Efficiency

A high-performance material handling hose is an essential component in industries that transport abrasive, dry, or bulk materials on a daily basis...

How to Choose the Right Lawyer in Melbourne for Your Situation

Choosing legal support can feel difficult, especially when the stakes are personal or business-related. The right lawyer in Melbourne should underst...

Hoteliers Look to Clever Value Adds to Increase Revenue

The Australian hospitality industry is still in recovery mode after a notoriously rough patch in recent years. While there has been a post-COVID tra...

Moving to Queensland? Here’s How to Prep Your Car for the Big Move North

There’s no sign of the northern migration slowing down, with thousands of southerners fleeing from chaotic lifestyles and cooler climates for a brig...

Diesel Shortage to Impact Trades and Contractors

Strait of Hormuz blockage affecting all major parts of trades and construction Trades and construction across residential, commercial and industria...