SecurityHQ Update • 10 ΜΙΝ READ
SecurityHQ and Data#3 Join Forces to Leverage the Australian Cyber Security Strategy 2023-2030
by Eleanor Barlow • Sep 2024
The cost of cybercrime incurred by Australian businesses has grown by a significant 14% per annum according to the ASD Cyber Threat Report 2022-2023, from the Australian Signals Directorate. The report highlights the grim reality and frequency of cybercrime, with one incident occurring every six minutes, and ransomware attacks alone costing an estimated $3 billion a year in damage.
In response, the Australian Department of Home Affairs, responsible for Australia’s cyber security strategy, laid out a defense plan that would utilise six cyber shields to improve the nation’s cyber resilience. The 2023-2030 Australian Cyber Security Strategy documents Australia’s vision.
In 2021, SecurityHQ was proud to announce its partnership with Data#3, a partnership that aims to help Australian organizations fortify their security foundations and elevate strategic measures for enhanced protection against cyber threats. Renowned for its maturity and expertise within the Australian and South Pacific markets, Data#3 also has one of the most highly accredited cybersecurity teams in Australia. By harnessing our partnership and the capabilities of our cyber security specialists, SecurityHQ and Data#3 are committed to delivering unparalleled visibility and protection against evolving cyber threats.
For Farhan Baig, the Regional Director of SecurityHQ in Australia, the Australian Cyber Security Strategy is at the core of the collaboration with Data#3.
“The recent challenges in the cyber landscape highlight the urgency for stronger actions and innovative solutions. This strategy represents a major step forward in Australia’s cybersecurity approach, emphasizing the need for proactive and forward-thinking measures. This strategy establishes clear priorities, providing a strong framework for enhancing our defenses and creating a more secure and resilient digital environment,” said Farhan Baig.
Three-phase Cyber Maturity Strategy
Australia’s devised multi-phase plan to attain cyber maturity by 2030 is ambitious.
“The strategy is bold and ambitious – and it must be. One thing is abundantly clear from what has happened to our cyber environment in the last five years: we simply can’t continue as we are. We need to push harder; we need to get ahead of this problem. It will strengthen our foundations to address critical gaps,” explained Richard Dornhart, National Practice Manager, Data#3
In Horizon 1 (2023-25): Strengthening the Foundation
This primary phase aims to toughen the foundation, build protection for individuals and businesses, and propagate cyber hygiene across Australia.
In Horizon 2 (2026-2028): Expanding the Reach
The second phase focuses on scaling cyber maturity across Australia’s economy, investing in an advanced and broader cyber ecosystem that will cultivate and support a diverse cyber security workforce.
In Horizon 3 (2029-30): Leading the Final Frontier
The last phase will deal with new cyber risks by leveraging modern technologies.
The three phrases are further broken down into a six-layered fortification strategy
Shield 1: Strong business and citizens
According to the Small Business Matters Report 2022-2023, Australian Small Business and Family Enterprise Ombudsman (ASBFEO), small and medium businesses in Australia contribute to over $500 billion in gross domestic product. Additionally, the Reserve Bank of Australia also offers jobs to almost 43% of the private sector labor market.
However, despite the vital part SMEs play, many in Australia still lack a shield against cyber threats and do not maintain the right training to recover from cyberattacks quickly enough. This problem will be addressed by offering guidance and support to small and medium businesses and diverse communities.
The strategy also includes shaping international legal frameworks to fight against cybercrime in the Pacific and Southeast Asia.
A report from the Australian Institute of Criminology highlighted that Australians experienced a loss of $3.1 billion in 2019 due to identity theft. The improvement and extension of the Digital ID program and the National Strategy for Identity Resilience are just one part of working to fix this.
Shield 2: Safe technology
People of Australia can trust that their digital products and services are safe, secure, and fit for purpose by:
- Adopting international cyber security standards,
- Integrating cyber security in software by developing a voluntary code of practices for app stores and developers,
- Designing a framework for evaluating the national cyber security risks, and
- Identifying and protecting important and confidential datasets, reviewing commonwealth legislative data retention policy, and curating a system to segregate data.
- Devising and propagating strategies for the careful use of artificial intelligence.
Shield 3: World-class threat sharing and blocking
The idea is to create a threat intelligence network by equipping the industry with threat intelligence and improving Australian Signals Directorate (ASD’s) capabilities to facilitate machine-to-machine exchange of adversary intel. The cyber security department will launch a threat-sharing acceleration fund to offer seed funding to boost Information Sharing and Analysis Centres (ISACs) in low-maturity sectors.
It’s also anticipated that encouraging and incentivizing threat-blocking and participation in threat-sharing platforms will support/enhance efforts.
Shield 4: Protected critical infrastructure
Australia plans to establish the scope of critical infrastructure regulation by:
- Matching the telecommunication standards across critical infrastructure entities.
- Properly defining regulations for managed service providers under the Security of Critical Infrastructure Act (SOCI) and delegated legislation, ensuring clarity through industry consultation.
- Cultivating a reform agenda to uplift the country’s aviation, maritime, and offshore sectors’ cyber security.
- Designing cyber incident response plans, undertaking cyber security exercises, conducting vulnerability assessments, and providing system information to develop and maintain a near real-time threat picture.
Shield 5: Sovereign capabilities
To achieve the 2030 vision, Australia has already begun reforming the education and training system to satisfy the demand for a digitally sound workforce by establishing jobs and skills. It’s also strengthening workforces in cyber, information technology, and STEM (Science, Technology, Engineering, and Mathematics).
Under the sovereign capabilities, return-to-work programs are also being propagated for women, underrepresented groups, and diverse communities.
Australia’s cyber security industry contributes more than $2 billion to the annual gross domestic product but is facing issues in retaining and attracting employees. Officials plan to address the issue by funding cyber startups and small businesses and have already announced a $392.4 million Industry Growth program.
Shield 6: Resilient region and global leadership
The Australian Government is committed to fostering cyber resilience among neighboring countries by reinforcing cyber cooperation through various forums, frameworks, and initiatives, encompassing bilateral, multilateral, and multi-stakeholder partnerships, such as the Quad (a diplomatic partnership between Australia, India, Japan, and the United States) and the Counter Ransomware Initiative (CRI).
Australia is poised to establish new partnerships and explore innovative mechanisms to coordinate and align collective efforts in enhancing cyber resilience, including collaborations with the Partners in the Blue Pacific. Engaging with Pacific and Southeast Asian partners, including participation in the Pacific Islands Forum and interaction with the Association of Southeast Asian Nations (ASEAN), will guide efforts to identify country-specific needs and regional priorities.
The efforts are also extended to supporting the United Nations Women, Peace and Security agenda and Australia’s National Action Plan on Women, Peace, and Security 2021–2031.
The Future of Cyber Security for Australia
Australia’s latest cyber security strategy signifies a steadfast commitment to combating cyber threats, reflecting a proactive stance towards safeguarding digital assets. The new strategy is only the start of Australia’s unwavering commitment to driving necessary changes in cyber security for the better.
With over 500 security professionals combined, the partnership between SecurityHQ and Data#3 helps organizations put their best foot forward by delivering unparalleled expertise and operational transparency to better protect Australian businesses.
Contact our Australian-based team today to experience the power of SecurityHQ and Data#3’s exclusive partnership, offering one of the most comprehensive security solutions in Australia, complete with tailored measures, 24/7 coverage, and mobile SOC access.