The Australian Government released the 2023-2030 Australian Cyber Security Strategy (the Strategy) on 22 November 2023. According to the Department of Home Affairs:
“The Strategy is the roadmap that will help realise the Australian Government’s vision of becoming a world leader in cyber security by 2030. To achieve this vision, we need to protect Australians. Through the Strategy we seek to improve our cyber security, manage cyber risks and better support citizens and Australian businesses to manage the cyber environment around them. We will do this with six cyber shields.”
The six shields set out in the Strategy are:
- Strong businesses and citizens
- Safe technology
- World-class threat sharing and blocking
- Protected critical infrastructure
- Sovereign capabilities
- Resilient region and global leadership
The sixth and final shield of the Australian government’s 2023-2030 Australian Cyber Security Strategy is ‘Resilient region and global leadership’.
Shield 6 – Resilient region and global leadership
The Australian government hopes to achieve this through:
- supporting a cyber resilient region as the partner of choice: this includes plans to ramp up collaboration with Pacific and Southeast Asian neighbours, establishing a regional cyber crisis response team in the Department of Foreign Affairs and Trade, piloting options to use technology to protect the region at scale (including leveraging existing programs, industry solutions, and investments in undersea cables to bolster connectivity and resilience), and
- shaping, upholding and defending international cyber rules, norms and standards by: advocating for robust international standards in cyberspace technology and emerging technologies, driving development and implementation of high-quality trade rules, advocating for an open and reliable digital trade environment, prioritising digital trade cooperation, striving for high-quality, inclusive regulations which bridge digital divides.
The Strategy also reveals that the Australian Government is committed to using various state resources to deter and address malicious cyber activities. This involves denouncing state actions undermining international law, applying sanctions to those involved in significant cyber incidents based on evidence and national interest while adhering to established norms.
This further emphasises the overall strategy to move towards an ultimate ban on ransom payments (potentially directly in two years’ time via legislation prohibiting these payments as indicated by Minister Clare O’Neal when discussion the Strategy), but also indirectly by bolstering the sanctions currently applicable to named individuals and potentially expanding these sanctions out to include known Threat Actor groups.
Further, whilst the provision of support to Australia’s partners in the Asia-Pacific to uplift regional cyber resilience and foster cyber cooperation is a worthy cause, the regional geopolitical landscape is today as complex and challenging as it has ever been. There is no guarantee that offers of support or investment would be accepted or appreciated. As such, the successful realisation of the objectives of shield 6 very much depends on the ‘bigger picture’ in terms of Australia’s relationship with its neighbours.