In response to the Australian government Department of Home Affairs’ recent call for comments on the 2023-2030 Australian Cyber Security Strategy Discussion Paper (referred to as the Strategy), over 280 submissions were received. This overwhelming response underscores the undeniable importance of fortifying Australia’s cybersecurity and emphasises the urgent need for a collaborative approach from both the public and private sectors. By exploring the details of the Strategy, organisations can align their contributions with the broader goals, working together to shape the future of Australia's digital landscape in a meaningful way.
The current draft of the Strategy focuses on key policy areas that are essential for strengthening cyber resilience. These areas include: enhancing and harmonising regulatory frameworks, strengthening Australia's international strategy on cybersecurity, and securing government systems.
Enhancing and harmonising regulatory frameworks
The Strategy aims to improve regulatory frameworks by clearly defining cybersecurity obligations across the economy and increasing national cyber resilience through robust cybersecurity measures in digital products and services. There may also be opportunities to simplify existing frameworks and streamline reporting and response requirements following a cyber incident.
Strengthening Australia’s international strategy on cybersecurity
The Strategy seeks to bolster Australia’s international cybersecurity, seizing opportunities and confronting challenges in the evolving cyber landscape. By leveraging its respected voice in promoting online safety, Australia can influence global perspectives on new and emerging technologies.
Securing government systems
The Strategy must consider both technical and non-technical aspects—such as government frameworks, inventory management, and risk planning—to better secure government systems. It’s crucial to also recognise that cybersecurity requires more than just technology; investing in the human element is essential, too.
Fortinet has responded to the Strategy, offering three key areas for consideration in its submission:
1. A focus on global threat intelligence and sharing
A future Strategy must prioritise a comprehensive threat intelligence framework and foster collaboration among stakeholders. Fortinet, with global partnerships including the World Economic Forum (WEF) and Interpol, understands the need for cross-border cybersecurity efforts and genuine collaborative partnerships. Effective sharing of expertise and data can bring substantial benefits to Australian organisations.
2. A focus on emerging technologies
Fortinet’s research highlights the importance of addressing security risks related to emerging technologies like 5G, Internet of Things (IoT), and cloud computing. A future Strategy should prioritise policies and guidelines that facilitate secure adoption, including secure-by-design principles, vulnerability management, and security assessments. Collaboration with trusted vendors, dedicated to ongoing security enhancements, is essential for ensuring a secure tech landscape.
3. Better cybersecurity education and awareness
Fortinet’s research found that a significant number of breaches are linked to insufficient cybersecurity skills among IT professionals. As a result, the Strategy should prioritise the development of programs and initiatives that foster cybersecurity literacy, including targeted educational campaigns and public-private partnerships. Fortinet’s commitment to training one million individuals in cybersecurity by 2026 underscores its dedication to addressing this issue.
An important opportunity to shape Australia’s cybersecurity strategy
The ever-changing cyber threat landscape poses a critical national security issue, which requires a unified effort from both the government and private sector. Strengthening Australia's cybersecurity posture is of paramount importance for organisations to safeguard their sensitive data and avert potentially catastrophic consequences, including severe financial and reputational harm.
The Strategy has presented a significant opportunity for organisations to actively participate and make their voices heard in shaping the policies that will define Australia's digital landscape in the future. As the next stage of consultation begins, it becomes crucial for stakeholders to gain a comprehensive understanding of the Strategy's objectives and the specific issues it aims to address.
For more information on the Strategy, and what key priorities Australia should consider when strengthening its cyber resilience, download Fortinet’s latest discussion paper.