Labor has demanded a briefing from the government on it’s massive $1.35 billion cybersecurity strategy and assurance that work is being done to improve information security of the public sector.
Prime Minister Scott Morrison last month announced that a large portion of Defence spending would be repurposed as part of the upcoming 2020 Cyber Security Strategy, which is set to be released before the October budget.
A big chunk of the funding goes toward the Australian Signals Directorate and the Australian Cyber Security Centre, with efforts to expand the country’s cybersecurity workforce and new capabilities to disrupt and defeat malicious cyber activity.
Prior to this, Mr Morrison held a snap press conference to warn that Australian governments and businesses are being targeted by “sophisticated state-based cyber actors”.
But the Opposition has said it has been left out of these conversations, with shadow home affairs minister Kristina Keneally and shadow assistant minister for cyber security Tim Watts writing to Home Affairs Minister Peter Dutton last week to request a briefing.
“To improve Australia’s cyber resilience, we need your cooperation to stay informed and, in turn, help the public improve their cybersecurity. Following press reports that Australia’s new cybersecurity strategy will be released ahead of the October budget, and government’s announcement of new funding tied to the strategy, we request a briefing on the plan before its public release,” Senator Keneally and Mr Watts said in the letter.
“We want to be reassured that government is improving our preparedness for cyberattacks, and we want to be able to help lift public awareness and do what is necessary to address this threat. We cannot afford to let our preparedness slip further on this issue.
“The threats to our security and democracy are just too great, and the cost to our nation is simply too high.”
Labor is pushing for the government to do more to ensure that public sector entities are meeting the basic mandatory cyber security mitigation strategies, pointing to a series of ANAO reports that have shown 60 per cent of Commonwealth entities have not implemented the Essential Eight controls.
“We need to reverse these trends – and the government needs to show the drive and leadership to do so. Labor remains concerned that there is a waning trust in the Commonwealth’s ability to address ongoing cybersecurity threats – especially across state and local levels of government and small to medium businesses,” Senator Keneally and Mr Watts said.
According to the Opposition, “money is not enough”, and that government needed to reinstate a dedicated minister for cybersecurity, a position scrapped by Mr Morrison in his first cabinet reshuffle in 2018 after taking over the top job.
“We hope that the new strategy will also compel the creation of a dedicated member of the executive to cybersecurity, as the 2016 strategy recommended, and that the new strategy can address ways to transparently improve the cybersecurity of government entities,” they said.
“We will continue to call for a reversal of the Prime Minister’s 2018 decision to abolish the cybersecurity portfolio and reinstate the role as part of the new strategy.”
The 2020 Cyber Security Strategy had been expected to be revealed before the May budget, but has been delayed due to the ongoing Covid-19 pandemic. It is now expected to be fully unveiled before the rescheduled October budget.
An industry advisory panel was formed last year to provide advice on the strategy, with members including former US Secretary of Homeland Security Kirstjen Nielsen, who implemented the Trump government’s family separation policy.
It has not been publicly revealed how much these panel members, including Ms Nielsen, are being paid.