In April 2016, the government of Australia forwarded a cyber security strategy proposal to solidify its cyber space and fend off the increasing digital threats hurled by enemy states, cybercriminal organizations, and amateur opportunists.
In the digital age where cyber-attacks are increasing every year, it is imperative that we have a stringent cyber security plan nationwide. There must be a strategy in place to tackle the ever-evolving online threats and to notify victims of a cyber-security breach while complying with some well-planned regulations.
Cyber security is taken seriously not only in Australia but also in most other developed nations around the globe. For instance, Barrack Obama, the former President of the US, declared cyber attacks a “national emergency” in 2015. In fact, he even allotted a budget of around A$26 billion to fight against the threat.
Likewise, a spending plan of around A$800 million was proposed by the UK Chancellor for the same cause.
What is Australia’s Cyber Security Strategy?
The Australian Government’s Department of the Prime Minister and Cabinet proposed a cyber security strategy plan to enable “innovation, growth and prosperity for all Australians.”
Keeping in mind the “connected community” nature of the country and the increasing contribution of the private sectors, the policy makers deemed it necessary to have a strategy that is shared by a nation-wide partnership among government sectors, private bodies, and communities.
The policy proposes “five themes of action” to see the strategy through to its execution and implementation.
- A National Cyber Partnership: To develop co-operation and co-leadership between government bodies and business leaders for the design and implementation of the strategies. Also, to understand and estimate the cost of the cyber threats to the Australian economy.
- Strong Cyber Defenses: To evaluate the cyber security performance of government agencies and use advanced technologies to reinforce the security systems of Australia, thereby making the Australian cyber infrastructure resilient to online threats.
- Global Responsibility and Influence: To join International partners and promote an “open, free and secure Internet”, and find and terminate the cyber spaces that cyber criminals consider a safe haven.
- Growth and Innovation: To bring about innovation in the cyber security defense system by establishing a research and development department. Plus, to empower cyber security businesses to build, promote, or export cyber security products and services.
- A Cyber Smart Nation: To spread cyber security awareness in the country as well as to bring on board more cyber security professionals.
The SWOT Analysis
It has only been a year since the initial proposal of the cyber security strategy plan. Yet there has already been a huge commotion over its merits and flaws.
Let’s conduct a quick SWOT analysis of the Australian Cyber Security Strategy and see how it fares.
Cyber Security Strategy: Strengths
- By financing the cyber security market, Australian businesses would experience a boom in digital innovation. As a result, the nation would see a 5.5% increment in business investment as well as 20% increase in wages, according to Deloitte.
- Joint Cyber Security Centers will be established in the capital cities of the country. The Centers would act as a platform where law enforcers and government officials can join hands to fight online threats.
- A dedicated cyber security leadership will be established across the board to lead and advocate the policies. In fact, Australia has already handpicked its first Cyber Security Advisor, Alastair MacGibbon, who is tasked to set clear objectives and administer their execution.
- Australians will also experience a boom in the number of cyber security experts and professionals, which will ultimately allow the cyber security community to thrive and innovate more advanced countermeasures against the evolving threats.
Cyber Security Strategy: Weaknesses
- Unlike other developed countries like the US and UK, the government of Australia allocated a mere budget of $233 million, which itself is reallocated from the Defense budget. Instead, the government should have allocated separate, new funding for the project.
- There isn’t a definite timeline of the execution or progress of the plan, and this hides the government’s work status.
- The current progress of the cyber security strategy implementation is quite slow, with only 5% of the 83 initiatives achieved so far, as reported by the Australian Strategic Policy Institute.
- Departments that are given the responsibility to see to the implementation of the strategy are still waiting for the funds.
Cyber Security Strategy: Opportunity
- According to a survey commissioned by the Intel Security, there’s an 88% skills shortage of cyber security in Australia. Once the strategy is implemented, the number is expected to go down significantly because of cyber security reforms and learning centers.
- The advanced cyber security reforms will also empower the country to efficiently prevent any wide-scale cyber-attacks like that of WannaCry which affected over 200,000 systems around the world and at least 5 businesses in Australia.
- The move will nurture the cyber security ecosystem of Australia by allowing more and more digital security startups to take the stage and present innovative products and services that are built to reinforce online security.
Cyber Security Strategy: Threats
- Implementation is slow partly due to lack of funding as well as a shortage of resources and skilled hands. In the meantime, security threats are continually evolving and resulting in hundreds and thousands of dollars in damage.
- As pointed out by the Australian Strategic Policy Institute, the current update of the strategy is “devoid of self-assessment” as well as transparency. It makes it harder for experts to constructively review tthe update.
- Collective reports of security breach or compromise incidents allow concerned authorities to develop new policies and procedures. However, many companies are reluctant to hand over or report breach details due to fear of commercial or legal liabilities.
Be it Australia or any other country for that matter, the digital landscape is getting bumpier due to the growing number of cyber-attacks and breaches. Therefore, it’s about time that countries around the world join hands and work together to develop flawless policies to increase cyber security awareness, nurture more skilled security experts, and develop efficient systems.
About the Author: Sufian Farrukh is a Cyber-Security Analyst and Research Supervisor in various universities. He has a passion to read and write in areas such as Cyber-Security, Internet of Things, FinTech, Cloud Computing, Logistics and Artificial Intelligence. You can contact him at firstname.lastname@example.org.
Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.