From Voluntary Action and Collaboration to Legislation and Classified Capabilities: Australia's Cyber Security Strategy 2020 Released
In July this year, we blogged about the Australian Government’s plan to release Australia’s Cyber Security Strategy (Strategy). On 6 August 2020, the Strategy was released after consultation with the public and industry actors.
The Strategy will invest $1.67 billion over the next 10 years – the largest ever financial commitment to cyber security – to create a more secure online world for Australians, our businesses and the essential services which we depend upon. This will be achieved through the following:
- protection of critical infrastructure through:
- greater powers for law enforcement agencies to target criminal activity on the dark web;
- enhancing offensive cyber capabilities against offshore malicious actors; and
- strengthening the defence of the Australian Government’s networks by centralising and uplifting the management and operations of the network;
- development of a voluntary Code of Practice in consultation with businesses, which will set out the Government’s expectations for internet-connected consumer devices; and
- assistance to small and medium enterprises (SMEs) to grow and increase their cyber security awareness and capabilities, such as through the provision of security information and cyber security tools/products to SMEs and a dedicated online cyber security training program.
The investment is a significant rise from the 2016 Cyber Security Strategy with a $230 million investment. This is not surprising in light of the increased malicious activity during the global COVID-19 pandemic and the Prime Minister’s recent announcement that Australian organisations were being targeted by a sophisticated state-based cyber actor.
While the Government aims to provide the tools and education, individuals and businesses must also take steps to secure their products and services, protect their consumers from known vulnerabilities, and practise secure online behaviours as we enter into a new era of cybercrime and cyber security.