Australia must work towards the goal of no successful cyber attacks, according to Minister for law enforcement and cyber security Angus Taylor.
“As Australia’s cyber security maturity grows and evolves, we need to be adapting our posture towards zero. Zero successful attacks, zero mistakes and zero negative impact,” he told the audience during his plenary address at the 12th Technology in Government conference in Canberra on Tuesday.
“I believe stopping the bots needs to have the same single-minded focus that we as a government had for stopping the boats,” referring to the slogan former Prime Minister Tony Abbott used throughout his tenure.
During his speech, Taylor discussed the cross-department nature of the Australian government’s cyber defences, which now combines the functions of the Australian Security Intelligence Organisation (ASIO), the Australian Federal Police (AFP), Border Force, Australian Criminal Intelligence Commission (ACIC), AUSTRAC and the office of transport security.
“There hasn't been a single program, update, threat report, or incident response in my eight months in this job that was handled by one agency acting alone,” Taylor said.
“The agencies of the federal government need to be integrated and working together in a way that they never have before, and that's starting to happen.
“The government's cyber defences start with the newest graduate and stop with the Prime Minister,” he said.
“They start in the giant mainframes of DHS and they end in a USB stick that has been used to move files from one place to another.
“Because our cybersecurity is only as strong as the weakest point.”
While praising the current approach, he also suggested that Australia can take a more proactive role in preventing attacks.
“Australia’s national cyber defence must be one of forward defence,” he said. “We can’t expect to hide behind our firewalls and our gateways in some sort of glorious isolation and hope that the threat will pass.
“We have to build a system that’s active, outward-looking and collaborative.”
And he expects this collaboration to not only be intra-governmental, but also between the public and private sector.
“For too long the government has viewed the private sector as a service provider or as a piece of infrastructure that must be protected,” he said.
“In traditional national security that was the right model, but if we’re going to protect all Australians, the forward defence cyber must deliver an economy-wide view of cyber security; it must be defence in depth.”