Cyber threat platform costing govt $59k a day

Joseph Brookes
Senior Reporter

The bill for the federal government’s automated cyber threat sharing platform has skyrocketed to more than $59,000 a day because of the expansion into bidirectional sharing, increased industry participation, and “escalating” cyber threats.

Australia’s cyber agencies are now paying Deloitte nearly $50 million for the continued rollout of the Cyber Threat Intelligence Sharing (CTIS) project the consulting giant piloted in 2021.

The service, which was co-designed with industry after warnings it needed better intelligence from government, enables the automated sharing of cyber threat intelligence at “machine speed” with industry and back from registered partners.

The project trialled a move from a one-way threat sharing service to bidirectional in 2021, allowing the private sector to share threat intelligence with the Australian Cyber Security Centre (ACSC) for the first time, with the National Australia Bank the first successful industry sharer.

The CTIS moved to broad bidirectional sharing in June last year and has shared around 28,000 threat indicators so far.

Most of this has still been one-way traffic, with the ASCS sharing 25,000 indicators and registered partners sharing 2261 more back to the agency, according to the latest ACSC threat report.

Another 741 have been shared by CTIS analysts working for ACSC’s delivery partner, Deloitte, under its ballooning CTIS contract.

Deloitte’s contract began at $1.4million to lead the “enhanced capability implementation” of the CTIS. But it was amended within months for additional services and to take up an extension option.

A spokesperson for the ACSC said the contract now covers “ongoing sustainment costs for the platform and service, including the on-boarding of customers to the service and ensuring continuous quality assurance of inputs”.

The contract – Deloitte’s most lucrative at a federal government level to date – has now increased more than 30 times its original value to $48.9 million through several more amendments.

The increase reflects the significant changes in scope and an expansion in the organisations sharing threats on the platform, according to the ACSC.

“Subsequent contract extensions expanded this capability from the original limited CTIS participants to provide a scalable bidirectional CTIS capability available to [Australian Cyber Security Centre] partners,” the spokesperson told

“This expansion was required based on the demands of the escalating cyber threat environments.”

Originally funded under the government’s 2020 Cyber Security Strategy, the CTIS project is being expanded under the government’s REDSPICE initiative.

There are now around 100 registered partners for the threat sharing platform, including government agencies and private sector organisations across multiple industry sectors.

Deloitte’s contract includes responsibility for onboarding the partners and integrating their threat sharing with the Australian Signals Directorate (ASD) and the ACSC.

“An industry partner was sought to support ASD with extensive industry consultation and workshops to ensure the capability delivered met public and private needs and across sectors,” the spokesperson said.

“An industry partner has provided greater scale to the on-boarding of customers and supplemented ASD’s technical expertise for external ASD systems for bidirectional sharing.”

Do you know more? Contact James Riley via Email.

Leave a Comment

Related stories