CyberCX 2021 Budget Analysis

After experiencing one of the most challenging years in living memory, Australia has a unique opportunity to emerge from the pandemic-induced global recession in a strong position relative to comparable economies.

This year’s Federal Budget is designed to enable Australia to continue progressing along the road to recovery, capitalising on the opportunities and trends which will define the post-COVID era. Importantly, this includes funding for initiatives that will support an uplift in cyber security capability across the economy, including strengthening our cyber skills pipeline, and measures to harden our security where it is most vital, such as critical infrastructure.

Throughout the last year, Australian businesses have adapted and evolved in response to the unprecedented economic disruption caused by lockdowns, restrictions and other measures implemented to restrict the spread of COVID-19. Both private enterprise and government agencies have rapidly deployed remote working capabilities and increased their use of digital tools and platforms.

This trend is expected to continue across the Australian economy as both the private and public sectors leverage the momentum of digital transformation. As businesses, governments and citizens rely more heavily on digital, online solutions, the inherent level of cyber risk unavoidably increases. Enhancing Australia’s cyber security capability will be crucial to ensuring the sustainability and success of our digital economy.

Government investment in cyber security initiatives not only hardens our defences and resilience with respect to cyber risk, it also improves the confidence of business and consumers who can be empowered to embrace the opportunities of digital, while managing the risks.

So how is the Government investing in cyber security through this year’s Budget?

Driving growth and ensuring the security of our digital economy

The big-ticket item in this year’s budget for Australia’s digital technology sectors is the funding attached to the Government’s recently announced Digital Economy Strategy.

Building on their 2020 Cyber Security Strategy, the Government has committed a further $55 million for initiatives related to cyber security, including:

  • $31.7 million to enhance the security of Australia’s mobile networks and accelerate the commercialisation of sovereign network and data security solutions;
  • $18.8 million to pilot centralised delivery of cyber capabilities and services for government agencies through Whole-of-Government cyber hubs;
  • $2.8 million to strengthen Australia’s national system of identity settings;
  • $1.8 million to deliver a National Data Security Action Plan co-designed with industry.

Addressing the cyber skills gap

Key to achieving an economy-wide uplift in cyber security is the ability to develop and mobilise the necessary skillsets.

Even before the COVID-19 pandemic, Australia was experiencing a cyber skills shortage. With international mobility predicted to remain restricted for most of financial year 2022, it is more important than ever to invest in a robust skills pipeline to develop homegrown, world-class talent to take on the roles that will be in increasing demand in the cyber security sector.

The Government is stepping up its support for cyber skills initiatives, allocating $43.8 million over three years to expand the Cyber Security Skills Partnership Innovation Fund. The Fund invests in projects to improve the quality and quantity of cyber security professionals in Australia and the additional funding will be provided to further secure and build capability across national priority sectors.

Strengthening the defence of critical infrastructure

The most significant piece of legislation currently before the Parliament in relation to Australia’s cyber security is the Security Legislation Amendment (Critical Infrastructure) Bill 2020 (SOCI). In the context of increased threats from cyber criminals and nation-state actors, SOCI has been introduced to enhance the security and resilience of critical infrastructure assets and systems of national significance.

As outlined in the Budget, the Government will provide $42.4 million over two years from 2021-22 to improve security arrangements for critical infrastructure assets, including those designated as Systems of National Significance, in accordance with SOCI. The funding will also go towards providing assistance to critical infrastructure owners and operators to respond to significant cyber-attacks.

Key agencies get a cyber boost

In addition to various measures designed to support cyber security improvements across the private sector, the Budget also outlines funding to strengthen the cyber security capabilities of some key agencies intrinsic to national security and good governance.

$1.3 billion has been budgeted for the Australian Security Intelligence Organisation (ASIO) over the next decade to support ASIO’s technological capabilities and enhance its ability to address threats to Australia’s national security.

The Australian National Audit Office will receive $61.5 million over four years from 2021-22 to address rising costs due to more complex financial data and records management arrangements, new audit controls relating to COVID-19 measures, and the need to enhance IT cyber security migration.

Conclusion

Measures outlined in this year’s Federal Budget reflect the importance of cyber security to Australia’s national security and economic prosperity. Initiatives to further secure our digital economy, build out our cyber skills, and protect our critical infrastructure are warmly welcomed, as is the support for key agencies which strengthen our national security and sovereignty.

These measures will put Australia in a strong position to enhance our cyber security capability and resilience across the economy as we look toward the promise of our post-COVID recovery.