Australia’s New Cybersecurity Strategy

by | Nov 29, 2022

In order to achieve our vision of building a safer online environment for Australians, their companies and the critical services on which we all rely, the Australian Cybersecurity Strategy 2020 will invest $1.67 billion over 10 years. It will be delivered via:

  1. Action by companies to secure their goods and services from identified cyber threats and secure their customers.
  2. Government action to improve the security of Australians, companies and vital infrastructure from the most advanced threats.
  3. Community action to practise safe online behaviour and make better purchase decisions.

Although this policy is an initiative of the Australian Government, we acknowledge the vital role of the state, territory, local governments, companies, academics, international partners and the wider community in improving the cybersecurity of Australia. In the implementation of the Cybersecurity Strategy 2020, every part of the government, company and the society have a role to play.

Australia’s Cybersecurity Strategy for 2020

The Australian Government published the Cybersecurity Strategy 2020 on 6 August 2020, with its $1.67 billion commitment to be spent on cybersecurity over 10 years (2020 strategy).

The 2020 strategy builds on the Australian Government’s 2016 Cybersecurity Strategy to promote and safeguard Australian interests online. The 2020 Strategy was built following the consultation process of the Industry Advisory Panel (IAP), which led to the publication of its final report in July 2020. The IAP report provided the Government with 60 recommendations covering the broad spectrum of cybersecurity concerns and suggested a structured solution that was implemented in the 2020 Strategy.

Where would $1.67 billion go?

Over the next 10 years, the government is committed to investing $1.67 billion, which includes upgrades to vital infrastructure defences, based on a series of commitments to be placed on owners and operators. The major portion of the government’s investment in the Australian Cybersecurity Centre (ACSC) will fund cyber resources, with additional personnel to be recruited from the Australian Federal Police, the Australian Signals Directorate and capacity building at each of the Joint Cybersecurity Centres (JCSCs).

New forces, including methods of tackling encrypted network networks, such as those that make up the dark web infrastructure (such as TOR), will also be implemented by regulatory reforms, offering new ways for law enforcement to investigate and shut down cybercrime.

Secure Hubs for Government

With departments and agencies continuing to struggle to enforce rudimentary cybersecurity measures, main issues are government systems and records.

The government is preparing to “centralise the management and operations of the vast number of networks” operated by agencies as a priority in an attempt to improve cyber resilience.

The strategy stated that centralising networks would allow the government to “focus its investment in Cybersecurity on a smaller number of safer networks”.

The strategy says, ‘A centralised model would be built to encourage creativity and agility while also achieving economies of scale.’

It also intends to explore the development of “secure hubs” to further decrease the number of networks that can be attacked by hostile actors, although the method does not elaborate about what this would look like.

To prevent unnecessary threats, regular cybersecurity provisions will also be incorporated into government IT contracts.

The strategy states that 35.4 per cent of the 2266 cybersecurity incidents that the ACSC responded to in the 2019-20 financial year were targeted by federal, state and territorial agencies.

Critical infrastructure suppliers in the healthcare, education, finance, water, communications, transport and energy sectors have been affected by about the same number of accidents.

In order to improve their ability to fight cybercrime, including $89.9 million for the Australian Federal Police, the government will also provide law enforcement agencies with $124.9 million.

The funding will sit alongside proposed legislation that will help the AFP locate people on the dark web who are involved in serious criminal activity.

A further $31.6 million will also be raised by the ACSC to strengthen its ability to fight offshore cybercrime and enable federal, state and local law enforcement to detect and disrupt cybercriminals.

As per the strategy, the Australian Government will ensure that it has sufficient powers and resources for targeting, combating and preventing cybercrime, particularly on the dark web.

Actions for Business in Australia’s New Cybersecurity Strategy

Improving the security and resilience of critical infrastructure operators in our increasingly interconnected environment is vital to the safety of Australia’s economy and national security. The government has outlined the implementation of an improved regulatory framework for protection to improve the stability of the nation and ensure that Australia can respond quickly in an emergency. In response to immediate and severe cyber-attacks on Australia’s most critical networks, the framework provides security responsibilities for critical infrastructure providers and government aid to industry. The package will also include over AU$66 million to help Australia’s major critical infrastructure providers analyse their vulnerability networks and cooperate to strengthen their posture in cybersecurity.

Small to medium-sized enterprises are also getting a shout-out, with the government noting that it will partner with large corporations and help small and medium-sized Australian businesses boost their cybersecurity and raise their knowledge of cybersecurity. For example, this can be done by offering information and resources on Cybersecurity as part of packages of protected services (such as threat blocking, antivirus and cybersecurity awareness training).

Finally, the government states the value of partnering with industry to encourage security by design, urging internet service providers to offer protected internet services and mentioning the release of a “Voluntary Internet of Things Code of Practice” to help customers recognise the security and privacy implications of the IoT products they buy.

To date, Australia has been fortunate to escape a devastating cybersecurity incident against its companies. It is generally understood that, across Australia, the loss of an important service may have catastrophic consequences. In order to improve protection and resilience in critical infrastructure sectors, these steps are necessary.

Establish your Cyber Resilience for Success in the Future

The Cybersecurity Strategy 2020 of the Australian Government raises a range of questions which remain unanswered. One thing is clear, however, that the government plans to spend a significant amount of money on itself, while changes within our legislative structure would force companies to improve their security posture and reinforce the controls on cybersecurity incorporated into their products and services.

Changes are coming; our advice is that by planning and engaging in creating a security roadmap that helps you comply with legislation as it is implemented, you get ahead of the curve.

The Australian Government published the Cybersecurity Strategy 2020 on 6 August 2020, with its $1.67 billion commitment to be spent on cybersecurity over 10 years (2020 strategy).

How to get Microsoft Defender Health on Mac Fleet

Managing Macs for multiple companies gives us the opportunity to work in various environment and detect issues where it occurs first & then implement a solution for all others at the same time. Recently there was a requirement to find if there are MDD instances...

Implementing Machine Learning in IT Support Setup

Machine learning has the potential to revolutionize the way IT support businesses operate. This cutting-edge technology can be applied in a number of ways to improve the efficiency, accuracy, and speed of IT support services. Here are some ways that machine learning...

Benefits of Apple Business Managers

Apple Business Manager is a web-based platform designed to streamline the process of purchasing, deploying, and managing Apple devices within a business organization. It allows IT administrators to manage and distribute Apple devices and apps to their employees,...

Adoption of Macs in Enterprise: A Growing Trend

This image belongs to In recent years, there has been a growing trend of enterprises adopting Macs as their primary desktop and laptop computers. This shift in technology can be attributed to several factors, including...

ESG as future of IT

ESG, or environmental, social, and governance, is becoming increasingly important in the field of IT. As technology continues to advance and play a larger role in our daily lives, companies are being held to higher standards in terms of their impact on the environment...

Secure Your Mac with FileVault

FileVault is a built-in encryption tool for Macs that helps protect your data from unauthorized access by encrypting your hard drive. Enabling FileVault is a simple process that only takes a few minutes, and it can give you peace of mind knowing that your data is safe...

Is outsourcing IT to India is better or keeping it inhouse?

There are pros and cons to both outsourcing IT services to India and keeping IT within the company. Ultimately, the decision to outsource or keep IT in-house will depend on the specific needs and goals of the company, as well as the resources and capabilities...

How to be a good SCRUM Master

In an Agile development team, the Scrum Master is a crucial role that helps the team to work effectively and efficiently. A Scrum Master is responsible for facilitating the team's use of the Scrum framework and ensuring that the team is able to deliver high-quality...

Basics of Enterprise Patch Management

Enterprise patch management is the process of ensuring that all the software and applications within an organization are kept up-to-date with the latest patches and updates. This is important because software and applications are constantly being improved and updated...

Cost saving for enterprises by choosing M1 Macs

The M1 Mac has had a significant impact on the enterprise market since its release. As a highly-efficient and powerful machine, the M1 Mac has proven to be a valuable asset to businesses in a variety of industries. One of the key benefits of the M1 Mac is its improved...

CRM Is A Process, Not A Product! How Can We Make CRM A Successful Tool?

CRM (Customer Relationship Management) is software that allows businesses to manage business relationships and information associated with them. It provides a platform that manages interactions with customers, stores information about them, and automates processes...


Digital Workplace Services

Automated Tasks

 Office IT Support

Intune for Win & Mac

Citrix Virtual Apps

Mac Win iOS Android

Mac & Win Trained