The Australian Centre for Cyber Security (ACCS) released a discussion paper on Monday critiquing the Australian Government’s cyber security efforts, claiming it does too little to combat advanced technology threats.
The report, Secure in Cyber Space: A Policy Agenda for the Next Government against High Tech Threats, featured recommendations for new policy such as the creation of a Cyber Defence League based on an Estonian model, a National Cyber Security College, and a Cyber Scientific Advisory Board.
A substantial spending gap was highlighted in the paper between the federal government’s new measures and comparable spending commitments made by foreign allies for cyber security in the past six months. The report authors have called for more action to be taken to counter cybercrime, protect critical infrastructure, and provide of world class policy research and education relevant to Australia’s specific needs.
Though praising recent efforts and funding from the government – including its Innovation Strategy, its Defence White Paper, and its Cyber Security Strategy – the paper described Australia as ‘lagging’ by up to 10-20 years in cyber security defence compared to other nations like the UK, the US and France.
“Since advanced [ICT] underpin all modern science and most industrial and consumer activities, security of or against those technologies would, one might think, be of the highest priority for the most developed countries,” the paper reads.
“Looking at current and future threats, Australia’s key allies – the United States and the United Kingdom – take this view. Australia does not.”
Earlier this month, the UK released a major policy statement reiterating its view that the cyber menace is a Tier 1 national security and economic threat. The UK paper also promised comparably much closer attention to systemic threats to critical cyber infrastructure, the report noted.
The ACCS paper said that the government’s 2016 Cyber Security Strategy, though a “mature and nuanced” plan, does not sufficiently discuss key sources of malicious activity, and does not have a spending plan adequate to address the pace and scale of emerging threats to the digital economy or national security.
The paper also critiqued the strategy’s unrevealed time/policy trade-offs in the government’s positions, particularly around driving STEM education initiatives, claiming an education and training approach alone will have no strong pay-offs in the next decade.
Professor Jill Slay, director of ACCS, and report co-author said the time had come to develop a national workforce strategy for cyberspace capability, across the board.
“We have to respond to the recent Cyber Security Strategy by laying out national agenda for skills education that is more sophisticated and detailed than a focus on awareness raising or cyber hygiene. There are new high tech threats that are not being addressed in most of the country”.
“It seems that many Australians do not see cyber threats in the same way as their peers in our closely allied countries,” added Co-author of the paper, Professor Greg Austin from the University of NSW (UNSW) Canberra.
“We need to understand why.”