The Australian government is developing a new cyber security strategy for 2023-2030, aiming to enhance the nation’s resilience and capability in cyberspace. The strategy will be informed by a public consultation process, led by an expert advisory board appointed by the Minister for Cyber Security.
The board has released a discussion paper that outlines the vision, objectives and principles of the strategy, as well as six key themes: cyber resilience, cyber deterrence, cyber innovation, cyber skills and workforce, cyber diplomacy and international engagement, and cyber governance. The paper also poses several questions to solicit feedback from stakeholders and interested parties.
The consultation process will run until 15 April 2023, and submissions can be made via an online webform or email. The board will also hold workshops and roundtables with various sectors and groups across Australia. The final strategy is expected to be released by the end of 2023.
The new strategy will build on the previous 2016-2020 Australian Cyber Security Strategy, which delivered several initiatives such as establishing the Australian Cyber Security Centre, launching Joint Cyber Security Centres in each state and territory, creating a voluntary Code of Practice for Internet of Things devices, and supporting cyber security education and awareness programs. It will also reform the Security of Critical Infrastructure Act 2018 (Cth) by including customer data and systems in the definition of critical assets. This is designed to expand the government’s power to extend over major data breaches following the Optus and Medibank breaches.
Other reforms include:
- Giving the Australian Signals Directorate authority to have direct control over company systems that were affected by cyber attack
- Centralising cyber-specific legal obligations and standards across Australia
- Promoting nationwide protection of critical infrastructure assets, and
- Developing Australia’s relationships with international cyber partners and contributing to international standards.