The Morrison government's election promise to spend $156 million to bolster Australia's cyber defences is a start but more like a \u201cdrop in a bucket," saysSecurity in Depth's Michael Connory.\nThe \u201ccyber resilience and workforce package\u201d will include $50 million to hire more staff under a workforce expansion program; $40 million for a 'countering foreign cyber criminals' capacity within the existing Australian Cyber Security Centre (ACSC); and $26 million for ACSC to expand its assistance to the community.\nMichael Connory, security advisor at Security in Depth told CIO Australiathe fund is \u201cnowhere near adequate\u201d to help deal with the cyber threats facing Australian businesses and citizens.\n\u201cIt\u2019s significantly better than the other political parties are pledging, but it\u2019s still not close to enough,\u201d he said.\n\u201c$40 million focused on placing 230+ new cyber experienced staff for military cyber operations \u2013 while this is absolutely necessary, the figure probably needs to be doubled.\u201d\nConnory said at this time Australia "immediately" needs an additional 2,300 individuals to manage the $500 million cost of cybercrime that Australians lost last year.\n\u201cAlso take into account the Australian Cyber Security Centre states that we as a country are losing an additional $400 million in lost revenue and wages [so] $50 million isn\u2019t going to scratch the surface.\n\u201cIf you then realise that by 2026 we will need an additional 18,000 cyber experts in Australia, we will in fact fall behind the rest of the world in how we protect our personal information as well as businesses protecting their assets \u2013 this could be anything from customer information, business IP, money,\u201d he said.\nConnory said that cybercrime is now considered one of the most significant global threats, according to a 2019 World Economic Forum report.\n\u201cThis will start the process but it\u2019s only a drop in the bucket. The government is putting away $40 million to hire 230 staff \u2013 that number of jobs is only 1.3 per cent of jobs needed,"he said.\nConnory said 18,000 cybersecurity staff at a cost of $2,778 per individual is not nearly enough. This works out to be about $40 million for 1.3 per cent and $50 million for the other 98.7 per cent (although government isn\u2019t expected to pay wages for everyone), he said.\n\u201cThe funding for training is exceptional, the funding to increase the capabilities of the ACSC is also needed -- again $40 million to increase capabilities of ACSC which will employ hundreds of staff and $50 million to help create 18,000 highly trained and experienced cyber professionals \u2013 is not enough,\u201d Connory said.\n\u201cThe money also isn\u2019t addressing other serious requirements such as money to support Australian cybersecurity firms, more money for cyber security research, essentially improve the cyber security ecosystem.\u201d\nDaniel Lai, chief executive officer at Canberra-based cybersecurity organisation, archTIS agrees that the government's latest monetary pledge isn't enough. Lai said it does little to directly improve the protection of government agencies from the growing risk of cyber attacks and breaches.\n"This announcement does little to directly improve the protection of government agencies, industry or small business from the real and present danger that exists from malicious cyber actors. There is no preventative aspect to the announcement to deal with the threat today," said Lai.\n"While it is needed, it is another \u2018finger in the dike\u2019 fix. Until there is a proper strategy to appropriately fund and address the enormity of the problem and introduce preventive measures for government, industry and small business we will continue to see Australian national secrets and intellectual property stolen."\nAustralian Computer Society presidentYohan Ramasundara told CIO the program shouldn\u2019t be a standalone.\n"The government should have a well rounded approach and be an enabler in stimulating and encouraging the development of cyber capabilities working in collaboration with other key stakeholders," he said.\nHe saidAustralia has a critical shortage of cyber security professionals and the government should be addressing this as an issue of priority.\n"According to ACS\u2019 Australia\u2019s Digital Pulse, Australia will need an additional 11,000technical cyber security workers over the next decade," he said. "We need todevelop a sustainable pipeline of cyber-related skills to facilitate future growth as a matter of course, not as something dependent on the result of an election."\nRamasundara said more investment in this critical area is needed now from increasing school students\u2019 participation and performance in STEM subjects as well as earlier development of logic and critical-thinking skills through to offering and improving courses in cyber security in the tertiary and vocational education sectors and attracting non-traditional tech professionals to undertake studies in cyber security.