As the nation faces an array of complex security challenges in coming years, home affairs minister Clare O’Neil has announced a program to develop a new cybersecurity strategy to strengthen the country’s critical infrastructure and become the “world’s most cyber secure country by 2030”.
O’Neil believes the new national strategy has got to be a partnership between the private sector, government, and Australian citizens, focusing more on sovereign capabilities, strengthening critical infrastructure and government systems, and international engagement.
With a cyber reset underway, Australia can bolster its national security capabilities to protect data by working with cybersecurity partners that bring deep experience, trusted and verified capability, secure global supply chains, and interoperability.
Nicole Quinn, head of government affairs APAC, Fortinet, said, “Working together, the government and private sector can tackle rapidly emerging threats and maintain secure and resilient networks and systems.”
What governments should look for in a cybersecurity partner
While the government can use cybersecurity laws to investigate and act against cyber-crimes, it can’t mitigate all the incoming threats alone. Building cyber resilience requires a sharing of knowledge and understanding of threats between government and critical infrastructure operators, service providers, and cybersecurity companies.
But how can private partners overcome Australia’s ongoing supply chain disruptions?
Nicole Quinn said, “Industries covered under the Security Legislation Amendment (Critical Infrastructure) Act 2022 face growing challenges relying on increasingly complex supply chains and cyber vulnerabilities across multiple angles. Australia’s geographic location and size limits its capability to locally design, manufacture, and distribute high-value cyber goods and services.”
The answer? Trusted global supply chains.
Defending Australia and its national interests requires partners with strong and trusted global supply chains and the ability to draw on globally scalable production capabilities. Partnering with a global security leader with deep experience in protecting operational technology (OT) can also help governments and businesses better understand and defend against cyber threats.
“Historically, Australian governments and critical infrastructure entities have approached cybersecurity from a product perspective; however, the modern cyber threat requires a more integrated approach that manages components as a full system.
“Defence systems need to work together at machine speed to better support the scarce cyber defenders tasked with building, integrating, and operating these complex systems. Best cybersecurity practices at a national level require a holistic approach that protects against cyber threats at every point in complex business, critical infrastructure, and government operations,” states Quinn.
However, a layered approach to cybersecurity goes beyond technology and processes. Organisations must also consider how they leverage people.
“Humans are a necessary part of modern cybersecurity and the first line of defence against combatting cyber attacks. Their cyber security understanding and skills are essential in the battle against cyber crime. Implementing cyber training and awareness needs to be a foundational requirement for all employees, regardless of role,” advised Quinn.
“Because of the ever-changing nature of the threat landscape, training should cover a broad range of topics to better equip employees to defend themselves against these threats. Working with a highly qualified partner with comprehensive cybersecurity and awareness training will help prepare Australia to deal with risks and threats in its systems, networks, and devices.”
A balanced approach to public-private partnership
Threats against Australia’s critical infrastructure are becoming more complex, more prolific, and more frequent. The recent prominence of data breaches and the increased transparency from high-profile public institutions is a major wake-up call that Australia needs to take a new approach to cybersecurity.
Cyber attacks of that magnitude on Australia’s critical infrastructure will continue to hit our shores, revealing a troubling truth: the scope and scale of the cyber threat problem is too big for governments to tackle alone.
Australia needs to bolster its national security capabilities to protect data by joining forces with trusted private sector partners, sharing threat intelligence, fostering cyber education, and sharpening incident-response capabilities to defend complex economies and societies.
For more information on government and industry partnering on cybersecurity, download this resource on Protecting Data Sovereignty.