The revamped Australian Government Cyber Security Strategy will address the impact of the COVID-19 pandemic, but it is unclear when policy re-write will be released.
The Department of Home Affairs has been working on the 2020 Cyber Security Strategy for months. It received more than 200 submissions by the end of November from the private sector and has held a number of public hearings and sessions around the country.
The new strategy had been expected to be launched early this year, but it’s now unclear how long it will be delayed in light of the unfolding COVID-19 pandemic.
The government is “continuing to develop” the new strategy, a spokesperson for the Home Affairs department said, and would expand it to include any cybersecurity issues related to the current crisis.
“The 2020 Cyber Security Strategy will build on the strong foundations established by its predecessor and will take into account the rapidly evolving cybersecurity landscape, including the impact of COVID-19,” the spokesperson told InnovationAus.
The government issued a number of warnings and guidance for individuals and businesses on cyber security during the COVID-19 pandemic. It has warned about scams and phishing emails using the coronavirus and provided advice for companies to manage risk with employees working from home.
The 2020 cyber strategy will likely signal significantly different roles for government and the private sector from the first iteration four years ago. There will likely be more government-private collaboration on critical infrastructure, and a more centralised architecture for cyber protection, with a shift of the cyber risk away from end-users and onto the industry.
Former Prime Minister Malcolm Turnbull launched the first cyber strategy in 2016, with an initial plan for it to be updated annually. But the government decided that a more significant revamp of the strategy was needed. The strategy has not been updated since 2017.
A strategic panel was formed to guide the development of the strategy in November last year. The panel was criticised for being “incredibly out of balance with the reality” of the cybersecurity sector, and for being too narrow, Telstra-centric and not including any SMEs or startups.
Former US Secretary of Homeland Security Kristjen Nielsen was added to the panel in December last year.
A number of submissions to the government’s consultation on the strategy have called for better coordination of its “bewildering matrix” of cybersecurity policies and governance, and for a return of a dedicated cybersecurity minister.
Currently, cybersecurity policies are overseen by Home Affairs Minister Peter Dutton.