Towards a safer online world for Australians at every level


A year ago the Turnbull government set out Australia’s first cybersecurity strategy. It recognised that as we become more dependent on the internet, we need to ensure that in every respect Australians, their assets and their privacy are safe online.

The strategy outlined our commitment to build protective cybersecurity capacity, and events over the last year have demonstrated how important it is to maintain high levels of cyber vigilance and security.

The census was taken offline on census night because basic protections had not been put in place. The Russian hacking that sought to interfere in the recent US election again took place because security at various political servers had been inadequate.

More and more sophisticated attempts to penetrate our computer networks and systems are being perpetrated all the time.

The genius of the internet is that it is open — potentially connecting every person on the planet to every other: every student to every library, every government to every citizen, every device to every device. But at the same time this openness makes it vulnerable to those who wish to do us harm. We cannot eliminate all online risks but we can mitigate them and, by raising awareness, collaborating with industry and using commonsense security practices, we can be much safer online.

Don’t open attachments on emails unless you are very confident they are from a trusted source; change your passwords regularly; use two-factor verification wherever it is available; and, if you are running a business, make sure your system administrator is well known to you and thoroughly trusted.

After all, while cyber vulnerabilities are often found in flaws in software or hardware, the weakest point is generally the “warmware” — the human beings who, whether through carelessness or malicious intent, allow security to be compromised.

In the cyber game, we must be ahead of the pack.

We need to build our national cyber capacity, not just at a government level but across the economy, from the largest corporation to the smallest small business, to the netizens we all are on our smartphones, at home, at school, on the train. That is why the government is pleased with the progress that has been made during the past 12 months.

Since the launch of the cybersecurity strategy, the national conversation about cyber has shifted. There is a much higher level of awareness about cybersecurity among technical experts and the growing band of entrepreneurs that is seeking to leverage this industry’s growth. But almost all of us now, one way or the other, are doing business online, using cloud services and expecting our government to do more to keep us safe online.

No Australian government has done more to protect our interests in cyberspace. We are determined to build a credible cybersecurity shield, and provide the tools to ensure families and businesses have confidence in the security of their online transactions.

In just a year we are well on the way to implementing all recommendations of Australia’s cybersecurity strategy. Importantly, we have created momentum. Our $230 million commitment is well targeted and well spent.

We have opened the first joint cybersecurity centre in Brisbane and will open centres in Sydney, Melbourne and Perth this year. We are developing the next wave of homegrown cyber enterprises through the Australian Cyber Security Growth Network and academic centres of cybersecurity excellence.

We have brought together government and business to share their cyber experiences and to work together to better protect the nation from the threat of online criminals. This is the focus of the new joint cybersecurity centres, where the Australian Criminal Intelligence Commission, Australian Federal Police, state police and affected businesses can tackle common cyber threats in one location.

An unprecedented number of business leaders and company directors understand the imperative to ensure the enterprises they lead have strong systems in place to protect their customers from malicious attacks. Of the 113 companies surveyed in the Australian Cyber Security Centre report released today, 71 per cent have a cybersecurity response plan in place compared with 60 per cent in 2015. They also understand the strong economic dividends that will flow from being resilient to cyber threats.

Just last week Deloitte released modelling that showed a handsome pay-off if we get the investment settings right and unleash a new generation of cyber entrepreneurs. By 2030 this cyber investment could lead to a 5.5 per cent lift in business investment, contribute to 2 per cent wages growth and generate 60,000 jobs.

Australia is well placed to become a global cyber leader.

In its 2017 cybersecurity sector competitiveness plan, the Australian Cyber Security Growth Network forecasts the Australian cybersecurity industry has the potential to almost triple in size across the next decade, with revenues soaring to $6 billion by 2026, from just more than $2bn today.

These are impressive statistics and highlight why my government is placing such a premium on promoting cyber growth.

And it’s why we were the first to put cybersecurity on the national agenda of the Council of Australian Governments.

In 2017 we know much more about the opportunities and threats posed by cybersecurity than we did a year ago. No one could have anticipated just how fast the industry has accelerated.

The biggest priority is to protect the nation’s security and we are determined to ensure our cyber defences remain first class.

We need to be agile and willing to back a cyber sector that must not be risk averse but instead prepared to accept change. If we continue to do that — get the settings and investment right — we can be confident of building a world-class cybersecurity industry generating more investment and more jobs in this fast moving digital era.

This opinion piece by Prime Minister Malcolm Turnbull was first published by The Australian on Wednesday 19 April 2017.