With geopolitical tensions on the rise, governments across the globe are warning citizens and businesses to be on high alert for cyber-attacks. In February, the Morrison administration, and the Australian Cyber Security Centre (ACSC) urged Australian businesses to take preventative measures to strengthen their cyber security position.
More recently it has been revealed that Australians lost over $300 million to scams in 2021, with the ACSC claiming they have one cyber-attack reported to them every 8 minutes, making it all the more important that businesses are prepared.
However, cyber resilience takes a collaborative approach. The responsibility to prevent attacks doesn’t lie solely in the hands of individuals and businesses, government has an important role to play. Following Russia’s invasion of Ukraine, Eric Milman, VP of Research and Intelligence at Blackberry stated, "as government agencies collect and share more digital information, they must develop a comprehensive, integrated approach to security to protect highly confidential data and communication.”
In the past few weeks, the Australian Government has made headlines across the world for their commitment to strengthening cybersecurity on a national front, but what exactly is the plan of action?
2022-23 Budget: “The biggest ever investment in Australia’s cyber preparedness”
In the 2022-23 Australian Budget, the federal government announced a $9.9 billion cybersecurity package, which Treasurer, Josh Frydenberg, stated was “the biggest ever investment in Australia’s cyber preparedness”. Bundled under a program named REDSPICE (Resilience – Effects – Defence – Space – Intelligence – Cyber – Enablers), the package aims to increase Australia’s offensive and defensive cybersecurity capabilities over the next decade.
Although plans for how the package will be spent are still somewhat murky, it appears that increasing funds for the Australian Signals Directorate (ASD) will be a main focus over the next four years. In this period, the number of ASD employees is set to double, with 1,900 jobs being created.
To assist with bolstering the ASD’s capabilities, just days before the budget was released at the ANZUS Alliance’s 70th anniversary, Prime Minister Scott Morrison announced the development of the Cyber and Critical Technology Intelligence Centre. It’s hoped that the state-of-the-art facility will provide the ASD with the required tools to defend and beat increasing cyber threats.
Additionally, the federal government introduced the Small Business Technology Investment Boost. This program offers businesses with less than $50 million annual turnover a 20% rebate on expenses related to supporting a digital update, such as introducing cyber security systems, up to $100,00 of expenditure per year.
Former head of Information Warfare for the Australian Defence Force (ADF), Marcus Thompson, stated that “The decision to invest nearly $10 billion into Australia’s cyber defence capabilities is welcome and long overdue. It begins to recognise the threats we face in a changed global environment are more likely to come from the digital world,”.
National Plan to Combat Cybercrime 2022
The first National Plan to Combat Cybercrime was released in 2013. In the years since, technological advancements and a growing dependence on the internet and digital technologies has left Australians more exposed than ever before to cyber threats.
The estimated cost of cybercrime in Australia annually is now $2 billion, which is why it was imperative to have a national response. With this in mind, the Australian Government have released an updated National Plan.
The 2022 National Plan focuses on three main pillars:
- Prevent and Protect
- Supporting industry leadership to prevent and protect against cyberattacks
- Leveraging research and development to respond to the threats as they evolve
- Encouraging the Australian community to strengthen their own resilience to cyber threats
- Investigate, Disrupt and Prosecute
- Continued efforts to investigate, disrupt and prosecute cybercrime by strengthening partnerships between public and private sectors
- Supporting law enforcement to adapt to evolving cybercrime, and to assist them in accessing offshore electronic evidence to aid prosecution
- Ensuring Australia’s cybercrime legislation stays current and relevant
- Enhancing cybercrime data collection, reporting and intelligence
- Recover
- Work with law enforcement and the private sector to continue to increase awareness on how victims can report incidents and access support
- Continue working with law enforcement and industry leaders to stop illegal and fraudulent payment structures and processes
- Continued support for organisations that specialise in providing post-incident support to cybercrime victims
The plan also commits to establishing the National Cybercrime Forum, which will be chaired by the Department of Home Affairs. The Forum will “leverage the experience, powers, capabilities, intelligence, and experience of all jurisdictions to build a strong multi-faceted response to cybercrime harming Australia and the Australian community”.
You can view the National Plan to Combat Cybercrime 2022 here.
With nine out of 10 cyber attacks starting with an email, implementing a specialist cloud-based email security solution like MailGuard is a smart first step for businesses that are looking to ‘strengthen their own resilience to cyber threats.’
National Plan to Combat Cybercrime 2022
Following the 2022-23 Budget announcement, we asked MailGuard CEO, Craig McDonald’s, network of industry professionals and business leaders whether they believed the Australian government was doing enough to combat rising cybercrime.
- 12% of voters responded Yes,
- A resounding 71% responded No, and
- The remaining 17% were unsure
While the network consists of individuals from across the globe, the majority of respondents were from Australia and the US, two countries which have adopted similar stances on cybercrime.
Here are a couple of replies from Australian residents, referencing the budget announcement:
“Pre-election words vs post-election deeds will be the deciding factor here regardless of your political leaning. There’s a lot of work to do in this space and funding is a good start, but only a start.”
“I'd like to see where and how they intend to spend it... That'll determine whether or not they know what they're doing, regardless of the $ they throw at it.”
From these responses, it’s evident that transparency is of the utmost importance. While the budget announcement, development of REDSPICE and the Cyber and Critical Technology Intelligence Centre, and updating the National Plan to Combat Cybercrime are a solid start, it’s the results that these actions produce which are important to Australians.
Although at a national level, cybersecurity leadership is critical from the government, it’s also important for businesses to take preventative measures, particularly for remote or hybrid workforces. As always, collaboration and leadership are key for both the public and private sectors.
Developing your knowledge is a critical first step towards protecting your business from cyberattacks. You may find our white paper on Staying Cyber Safe in 2021 & Beyond useful in shaping the outlook of cybersecurity going forward. Our eBook 6 Practical Solutions for Managing a Hybrid Workforce can also provide suggestions for how you can strengthen security in your business.
Fortify your defences
No one vendor can stop all threats, so don’t leave your business exposed. If you are using Microsoft 365 or G Suite, you should also have third-party solutions in place to mitigate your risk. For example, using a specialist cloud email security solution like MailGuard to enhance your Microsoft 365 security stack.
For more information about how MailGuard can help defend your inboxes, reach out to our team at expert@mailguard.com.au.
Share your thoughts by adding a comment, and stay up-to-date with MailGuard's latest blog posts by subscribing to free updates with the button below.
