China and The Philippines have been excluded from an Australian National University (ANU) ‘bootcamp’ that will welcome officials from other regional governments for two weeks of intensive cybersecurity education, simulations, and site visits.

Funded by the Department of Foreign Affairs and Trade (DFAT), the Cyber Bootcamp Project (CBP) will leverage the relative maturity of Australia’s cyber industry to provide “practice expert advice and skills training” to government officials from 22 countries whose own capabilities vary widely.

Jointly run by the ANU Cyber Institute and ANU National Security College, the bootcamp “will focus on developing skills in good people to conceive, construct and care for good, adaptable, human-centred, secure, resilient systems”, CEO Dr Lesley Seebeck said in announcing the project “to transform cyber for the betterment of humanity”.

Participants will undertake a range of activities including interactive workshops, exercise scenarios, industry site visits, and dialogues with Australian government agencies.

Reaching out to the region

CBP – which DFAT says aims to strengthen the coordination of national cyber policy, strengthen understanding of cyber terminology, internet architecture, and security policies, and increase awareness of regional cyber threats – is run under the auspices of DFAT’s Cyber Cooperation Program (CCP), which was established in 2016 to improve cyber resilience across the region.

CCP includes 22 countries – including ASEAN standbys such as Myanmar, Laos, Vietnam, Cambodia, Thailand, Malaysia, Singapore, Brunei, and Indonesia – as well as tiny Pacific island nations such as Tuvalu, Kiribati, Samoa, Niue, and Palau.

The program has already strengthened engagements between numerous Australian government agencies and regional governments: the AFP’s Cyber Safety Pasifika initiative, for example, provides cyber crime investigative training and cyber awareness training across 14 Pacific region countries.

CCP has also opened new opportunities for Australian ventures like veteran retraining group WithYouWithMe – which has been training cybersecurity specialists in Fiji – as well as legal training through Cyber Law International, governance training through the e-Governance Academy, cybersecurity breach workshops through the Forum of Incident Response and Security Teams, and more.

Trade spawns cyber risk

The Australian government has become increasingly proactive about engaging with business and industry on cyber issues: for example, an “acutely aware” Australian Cyber Security Centre has recently scaled up its warnings about the risks of Windows’ high-severity BlueKeep vulnerability.

By directly engaging government officials in regional neighbours, Australian ambassador for cyber affairs Dr Tobias Feakin said CBP would further foster a culture of co-operation amongst regional partners and smaller countries that may otherwise struggle to defend themselves online.

“Australia’s vision for an open, free and secure cyberspace is impossible to achieve alone,” Feakin said in launching the CBP initiative, which will offer training up to three times annually for the next four years.

The announcement comes as the Australian government talks up the benefits of the Regional Comprehensive Economic Partnership (RCEP), an expansive trade agreement that will redraw the economic and political dynamics of Asia and Oceania.

Yet just as closer trade relationships will create interdependencies, they also create new risk of cybersecurity attacks – with China, Russia, Iran and North Korea singled out in CrowdStrike’s latest Global Threat Report.

Those countries “are seeking geopolitical prominence, both in their respective regions and internationally,” the firm warms. “They will use their cyber capabilities to attain and maintain situational awareness of their neighbours and rivals.”