A Study on Cyber Security Policy in Australia

Background

Utilizing the internet and digital technology, Australia has enabled the public to participate in a maturing global digital economy. With increasing internet users from 83% in 2014 (ABI Research, 2015) to approximately 90% in 2017 (Department of the Prime Minister and Cabinet (PM&C), 2016), PM&C stated that the internet based economy generated $79 billion, equal to 5.1% of GDP, in 2014 while cybercrime could cost Australian 17 billion annually. To avoid financial losses and ensure a safe and secure cyber environment, Australia implemented National Plan to Combat Cybercrime in 2013. The plan is monitored and enforced by Attorney-General’s Department and Australian Signals Directorate.

The Effectvieness of Implementation

Australian is ranked 7^th in the world for cybersecurity commitments (International Telecommunication Union (ITU), 2017). There are two significant factors leading to this success. The most important lead is transparent political action. Clear delegation is a part of that. For example, non-national threats are allocated to State and Territory agencies while those related to national interest are dealt by Commonwealth agencies. This resulted in the country being the second top in cyber maturity in Asian Pacific (Australian Strategic Policy Institute, 2017). In addition, an annual update of national strategy was established to address the constraints and new action plan. In particular, in 2017, National Cyber Security Strategy published in 2016 was updated. There were a few areas of improvement were emphasized including research sponsorship and ICT equipment supply chain guidance (Australian Government, 2017). Secondly, public awareness is the key to facilitating the plan. Since individuals are those exposed to cyber environment and are likely to be attacked, they need know how to protect themselves. Based on the clear governance structure, several government institutes assisted by Department of Broadband Communications and the Digital Economy (DBCDE) were established to ensure that cyber security information was spread to the public. These include Stay Smart Online, eSafety Commissioner, Scamwatch. As a result, the public awareness rating between 2014 and 2017 increased from 7 to 9 out of 10 (Australian Strategic Policy Institute, 2014; 2017).

The Critique on Implementation

However, there was criticism of the implementation progress. Nevill and Hawkins (2017) aruged that funding which is reallocated from existing fund for Department of Defense is smaller than the task size and not be able to support the strategy’s goals. They added that a lack of funds woud also cause inadequate human resource building, so it would impact the pace and effectiveness of implmetation. Another limitation is the negative effect of the slow delivery speed. The national strategy is time bound, but malicious actors are not (Uren, 2017). When the project delivery falls behind the new technology (software and hardware), it would likely to create opportunity for cybercriminals even if the project is delivered.

As mentioned above, political action played a significant part in influencing governing effectiveness and raising public awareness resulting providing individual self-defend knowledge. Even with fund shortage during the past years which caused delay in implementation and introduced new loopholes for cybercriminals, this is considered a great achievement because individuals can protect themselves from being attacked. As a result, political actions was impacted by funding, but some compensation in degree of public awareness would sustain a safe cyberspace and reduce financial losses for current and future generations.

References

ABI Research. (2015). Global cybersecurity index & cyberwellness profiles. Geneva: International Telecommunication Union.

Australian Government. (2017). Australia’s cyber security strategy: 2017 update. Department of the Prime Minister and Cabinet. Camberra: Department of the Prime Minister and Cabinet.
Australian Strategic Policy Institute. (2014). Cyber maturity in the Asia-Pacific region 2014.Canberra: Australian Strategic Policy Institute.

Australian Strategic Policy Institute. (2017). Cyber maturity in the Asia-Pacific region 2017. Canberra: Australian Strategic Policy Institute.

Department of the Prime Minister and Cabinet (PM&C). (2016). Australia's cyber security strategy. Canberra: Department of the Prime Minister and Cabinet (PM&C).

International Telecommunication Union (ITU). (2017). Global cybersecurity index 2017. Geneva: International Telecommunication Union (ITU). Retrieved from https://www.itu.int/dms_pub/itu-d/opb/str/D-STR-GCI.01-2017-R1-PDF-E.pdf

Nevill, L., & Hawkins, Z. (2017). Australia's cyber security strategy: execution & evolution. Australian Strategic Policy Institute.

Uren, T. (2017, 6 27). On the inevitable failure of cyber security. Retrieved 4 21, 2019, from The Strategist: https://www.aspistrategist.org.au/inevitable-failure-cybersecurity/