Nearly 1,900 Australian cybersecurity specialists and 128 companies have already registered for AUCyberscape, an industry centre of gravity that emerges just as a senior academic warns that the country is investing far too little to deliver the cybersecurity capabilities it will require in the future.

The brainchild of industry-development organisation AustCyber – and supported by Insurance Australia Group (IAG), seven state and territory governments and several private firms – the AUCyberscape portal has been designed as a central source of information about Australian-built cybersecurity solutions.

It is only available to domestic innovators, who had listed 2,443 individual solutions on its debut, and is free for users and service providers as a living catalogue of a $5.6 billion industry that has, AustCyber CEO Michelle Price said, become “larger, more diverse, and sophisticated” in recent years.

Standardising definitions and representation of cybersecurity companies will be critical in getting a handle on an industry where even differences in nomenclature have made it hard to get real clarity around what companies offer.

“We’ve aligned AUCyberscape to the digital language that is now being used internationally,” Price said when the project was announced late last year.

“It is really important to be able to align market developments, and those export pathways for Australian capability, into global markets that are using consistent language and categorisation around cybersecurity capability.”

“Making sure we are talking the same language as our international counterparts [makes] that trade equation smoother, but also helps buyers and investors have a much stronger idea and understanding around what [Australia’s] capabilities actually are.”

Buy Australian

Entries are geographically tied, enabling searches by region as well as cybersecurity specialty through the AUCybermap, where software vendors like Mailguard and Haventec rub shoulders with security consultancies like Ignite Systems and CBIT Digital Forensics Services.

Participating in the new portal “enables security teams in APAC and across the world to source Australian cyber security providers,” launch participant Snare Solutions said, noting that more easily finding domestic security specialists “is becoming critically important as sovereign capabilities play a decisive role in cyber security purchase decisions and the building of secure supply chains.”

The public launch of the portal marks the end of months of work for AustCyber, which recently merged with incubator Stone & Chalk and last month partnered with cyber consultancy CyberCX to launch a portal for job seekers.

It also provides a focal point for the engagement of the cyber insurance industry, with IAG believing “that cyber is one of the most prevalent threats that our businesses face today and needs to be proactively addressed,” said IAG information and analytics director Krishna Nageshwaran when the AUCyberscape project was announced late last year.

“We’re really keen to make this project a success because we believe that increases awareness and, most importantly, business resilience across our client base.”

Charting skills-development success

Although much of its early content relates to existing providers, AUCyberscape’s engagement with students and employers will also provide ongoing visibility into the success or failure of efforts to further develop Australia’s cybersecurity skills base – which, one academic has warned, are falling well behind the curve.

“Governments intent on achieving massive reform and ambitious plans in cybersecurity, and in digital transformation, must invest radically in educational transformation,” UNSW professor Greg Austin, a senior fellow and leader of the Cyber, Space, and Future Conflict Program with the international Institute for Strategic Studies, told a recent Kaspersky forum of senior APAC cybersecurity policymakers.

While Australia had decided to invest $26m in skills development in its 2020 Cyber Security Strategy – up from $4m in 2016 – Austin said that “for a country like Australia, the spend on education for cybersecurity shouldn’t be $26m over 10 years – it’s got to be $100m or $200m over five or 10 years. That’s the dimension of the problem we’re dealing with.”

Yet underspending in education wasn’t the only problem plaguing Australia’s cybersecurity sector, Austin said, noting that in many universities “the Engineering faculty stops the reform and slows down the pace of change – so not only do you have to invest large amounts of money, but you’ve got to shake up the institutions.”

“And that’s interesting as a test, really – for each government to ask themselves ‘have we invested enough? And even if we’re not able to invest more, have we shaken up the educational institutions, and stimulated their reform impulses enough?’”

Private-sector training institutions would increasingly fill the gap, he predicted, with innovation in delivery methods to prove crucial.

Surfacing these educational opportunities is a core mission for AUCyberscape, Price said, with students welcome and supported through their educational journeys right into their eventual jobs.

Students “will be able to pick up information, and to engage in lots of different ways, that the Australian economy hasn’t been able to facilitate before,” she said. “The information that’s available now is quite siloed – and this brings it all together and puts a huge amount of rocket fuel into it.”