The Turnbull government’s $230 million Cyber Security Strategy turns one this week and the industry scores a boost from a new Cyber Security Sector Competitiveness Plan launched today.
The plan hopes to help triple the size of Australia’s cyber security sector by 2026. It sees the country’s cyber revenue potentially leaping from about $2 billion today to $6 billion in a decade.
The plan was drawn up under the auspices of the Australian Cyber Security Growth Network (ACSGN), a key element of the overall cyber security strategy. Industry Innovation and Science Minister Arthur Sinodinos and the Minister Assisting the Prime Minister for Cyber Security, Dan Tehan will be on deck today at the Cyber Security Sector Competitiveness Plan launch.
The ACSGN is the industry-led not-for-profit charged with “delivering the activities” of the $30 million funded Cyber Security Growth Centre and is co-chaired by Data61 CEO Adrian Turner and IT industry veteran and former IBM heavyweight Doug Elix.
Mr Turner said the sector competitiveness plan was delivered six months ahead of schedule.
“The plan looks at where the cyber market is headed over the next five to ten years. Where does Australia have core strengths. What are the profiles of the skills being produced by the universities. Then we triangulate on a small number of areas where we can be world leading.”
The plan says Australia’s cyber security sector has competitive advantages in software including integrated platforms; services to improve the security of basic IT and network infrastructure and services around underlying security processes, like governance, risk and education.
It says Australia has competitive advantage in niche security hardware, particularly in military and classified environments.
Mr Turner is happy with the progress made by Data61 and the ACSGN on the Coalition’s cyber strategy.
“We’ve made strong progress on the parts of the strategy that we are on the hook for, both from Data61 and the ACSGN,” says Mr Turner, who rides herd on about 60 discrete cyber activities within Data61 and through university partnerships as well as cyber security scholarship actions.
Data61 also has the Cyber Security and Innovation Hub in Melbourne.
“We also delivered a partnership with the Australian Institute of Company Directors that delivered a online event and some curriculum to company directors to help them get smarter with their cyber IQ.”
“AICD have told us that was the most attended event in their history,” said Mr Turner. “There’s clearly pent up demand within the business community to better understand cyber risks.”
Prime Minister Malcolm Turnbull would be grasping at any good news he could get. The PM has been under intense political pressure of late, with a long string of poor polls indicating his government needs to lift dramatically if it is to improve on its one seat majority at the next election.
To be fair, the PM’s innovation and cyber security initiatives have been relatively successful so far, and Mr Turnbull was keen keen to cash in on the some of the warm glow around cyber security.
So far in cyber anniversary week Mr Turnbull lodged an OpEd piece in The Australian, the Coalition’s favourite newspaper, and delivered a publicly available one-year update paper on the cyber security strategy.
Curiously for the tax payers who fund the cyber security strategy, Mr Turnbull’s oped lives under the Oz paywall.
“In the cyber game, we must be ahead of the pack,” he wrote.
“We need to build our national cyber capacity, not just at a government level but across the economy, from the largest corporation to the smallest small business, to the netizens we all are on our smartphones, at home, at school, on the train. That is why the government is pleased with the progress that has been made during the past 12 months,” the PM wrote.
At a federal agency level there were some spectacular cyber security failures in the last twelve months such as Census Fail night at the ABS.
But the one year cyber security update had bullish news.
In 2016, 59 per cent of organisations in Australia detected a business interrupting security breach at least once a month, twice as often as 2015, while 71 per cent of respondents to the ACSC 2016 Cyber Security Survey reported having a cyber security incident response plan in place, compared to 60 per cent in 2015.
Company boards are switching on to cyber threats. Organisations with higher levels of cyber resilience were more likely to have discussed cyber security at the board level in the past three months, while 39 percent of CIOs had purchased some form of cyber insurance in 2016, compared to 24 per cent in 2015; this according to the Minter Ellison ‘Perspectives on Cyber Risk 2017’ report.
While the update reported strong progress or completions on many cyber strategy initiatives, there were a couple of items still on the ‘not scheduled to have commenced’ side of the to-do list.
These include sponsoring research to better understand the cost of malicious cyber activity to the Australian economy, and developing guidance for government agencies to better manage supply chain security risks for ICT equipment and services.