Australian Government Announces Boost in Cybersecurity and Digital Spending
During the announcement of the 2020-2021 budget, the Australian government has unveiled what it says is its largest-ever investment into cybersecurity. This comes alongside an announcement of a formal JobMaker Digital Business Plan, which involves an $810 million investment into helping Australian businesses and modernise and enter the digital landscape.
According to Prime Minister Scott Morrison, the investment is meant to help Australian businesses that were forced to move online due to the coronavirus pandemic continue their push into the digital realm. It is intended to help businesses to benefit from opportunities to grow and create more jobs.
The package also removes “outdated regulatory barriers” that made digitisation difficult for small businesses and also support technology updates that help boost the capabilities of small businesses.
The investment includes $29.2 million that is earmarked to help accelerate the rollout of 5G technology, as well as $419.9 million to help companies move online and ‘modernise business registers.’ According to Treasurer Josh Frydenberg, this investment is estimated to help increase Australia’s Gross Domestic Product (GDP) by $6.4 billion by 2024.
Alongside this investment into helping businesses move to digital, the country has also announced an additional investment of A$1.35 billion ($926.1 million) over the course of 10 years in order to boost the country’s cybersecurity defences. This includes strengthening cybersecurity for both private companies and households, as well as the government.
This investment is a part of the country’s A$15 billion investment in improving its cyber warfare capabilities and comes on the heels of an increase in cybercrime in the country. According to Morrison, cyber attacks on businesses and households result in a loss of A$29 billion, or 1.5% of the country’s GDP.
It also comes following an electronic attack on the Australian parliament, as well as its three largest political parties, in 2019. Though the government has not disclosed which country it believes was behind the attack, it has said that a “sophisticated state-based actor” has been behind cyber attacks not only against the government and political parties but also against essential service providers and critical infrastructure operators.
The largest chunk of the new investment into cybersecurity – A$470 million – has been earmarked to create 500 new security expert positions within the Australian Signals Directorate, the government’s cyber intelligence agency.
Other elements of the investment include a new security framework for critical infrastructure, which in turn, contains a list of security obligations that providers of critical infrastructure must fulfil. The critical infrastructure sector will also be able to take advantage of a $66 million program that will help them assess their networks for any digital vulnerabilities.
Another $88 million has been set aside to help the Australian Federal Police (AFP) investigate and prosecute cybercrimes. According to Morrison, the investment into cybersecurity is meant to help the country develop the tools and capabilities required to keep citizens safe from “malicious cyber activity.”
IT Industry Responds
The IT industry and IT vendors, including CrowdStrike, WatchGuard, Zscaler, and LogRhythm, have positively responded to the new budget.
According to Andrew Littleproud, CrowdStrike vice president for the Asia Pacific and Japan, research has revealed that more than half of all Australian business leaders believe that cybersecurity should be a major priority for additional investment into the business. Furthermore, 40% say that despite the economic effect of the pandemic, they expect technology budgets to increase.
Vendors across the industry note that while additional investment into digital connectivity through the JobMaker Digital Business Plan is a positive for Australian businesses, it also means an increased likelihood of cyber attacks. Thus, the investment into cybersecurity will help businesses deal with the need for increased cybersecurity and help them develop the capabilities needed to fight back against cyber threats.
Per the industry, another advantage of the cybersecurity budget is that it will help increase jobs in the cybersecurity industry. Furthermore, it will help businesses combat the increase in ransomware attacks, which have seen a rise following the start of the coronavirus pandemic.
However, both the JobMaker Digital Business Plan and the investment into cybersecurity have also been criticised as being inadequate.
A significant criticism of the JobMaker Digital Business Plan is that the lion’s share of the budget – $420 million out of the budgeted $800 million – has been reserved to modernise the online business registry, which will be operated by the Australian Taxation Office (ATO). While the government claims that this will help to combat corporate fraud and cut down on bureaucratic red tape, critics say that this will translate into little to no job growth for small businesses.
Furthermore, another large chunk of the budget – $256 million – is to be used to develop a digital identity system to help businesses interact with governmental departments better. This means that a majority of the budget will remain within government coffers, as opposed to going directly to small businesses. Only $2.5 million of the budget is dedicated to online skills training, and critics say that more of the budget should have been spent on directly supporting small businesses.
At the same time, the cybersecurity budget has been criticised for its lack of an exact timeframe. The budget is spread out over the space of 10 years, and Cyber Security Strategy does not specify a target date by which the budget’s objectives should have been reached. The budget’s lack of measurable targets has resulted in critics pointing out that it lacks the substance necessary to make a true impact.
Furthermore, it was pointed out that the Australian National Audit Office (ANAO), which was key in revealing bureaucratic hurdles concerning IT and cybersecurity, was having its budget cut from A$112 million to A$98 million.
Despite some concerns regarding the budget, the increase in cybersecurity and digital spending is meant to help Australia measure up to the rest of the world in terms of cyber protection. Though the country is part of the Five Eyes network, alongside Britain, Canada, New Zealand, and the United States, its spending on cybersecurity is minuscule in comparison to powers like the US, China, and Russia. The increase in cybersecurity spending is meant to be a counter to this.
Written by The Original PC Doctor on 26/10/2020.