A cyber security coordinator will be appointed to lead the federal government’s new national cyber office and provide “spine and strategy” to the response to future cyber threats and attacks.
Prime Minister Anthony Albanese and Home Affairs and Cyber Security Minister Clare O’Neil held a roundtable in Sydney on Monday afternoon to open consultations on a new seven-year cyber security strategy in the wake of the devastating Optus and Medibank hacks late last year.
The new Labor government will be scrapping the former government’s $1.67 billion Cyber Security Strategy, which was launched in 2020 and was meant to run for a decade.
A new seven-year strategy will be launched later this year following extensive consultation led by a taskforce helmed by former Telstra boss Andy Penn.
Ahead of the consultation and new strategy, the government announced the creation of a new coordinator of cyber security, who will lead the National Office for Cyber Security within the Department of Home Affairs.
ACS president Nick Tate was one of the 23 invited guests at the cyber security roundtable.
Dr Tate said the government should be commended for taking these steps to put Australia at the forefront of global cyber security.
“ACS has long advocated for stronger cybersecurity policies that reflect the importance of the IT sector to our entire society, not just corporate Australia or government agencies, so we greatly welcome the government’s statement of intentions with the National Cyber Security Strategy.”
The federal government is in the process of advertising this role, with hopes of having it stumped up within months.
The new cyber coordinator will guide the development of an emergency response plan and will play a central role in responding to any future cyber attacks in Australia, O’Neil said.
“We’ve arrived in government confronting a real mess with cyber security, so what we saw was different parts of government and the private sector doing important things, but kind of all rowing in different directions, and what was clearly needed here was political leadership,” O’Neil told ABC Radio National AM on Monday morning.
The cyber coordinator will have two key roles, she said.
“The first will be to try to provide some strategy and structure and spine to the work being done across government, so it will mean things like making sure that the billions of dollars that we are investing in cyber security each year are being spent in a way that’s strategic and appropriate, that we’ve got different parts of government communicating with each other and working together on helping lift cyber security protections across the country,” O’Neil said.
“The other really important part of this person’s job will be to help manage cyber incidents in a proper, seamless, strategic way across the Australian government.”
The focus on cyber security has been spurred by a series of significant cyber attacks last year which received widespread attention and impacted millions of Australians.
These included the breach of Optus, which saw the personal information of 9.8 million customers impacted, and an attack on Medibank which saw the data of 9.7 million customers dumped onto the dark web.
The new cyber office and coordinator would have made a “huge difference” had they been in place at the time of these large-scale hacks, O’Neil said.
“When Optus hit, much to my shock as Cyber Security Minister, there was no cyber emergency response function in the Australian government,” she said.
“I am really angry about that. Those events were completely foreseeable events that were completely not foreseen by the previous government.”
Previous laws introduced by the Coalition and supported by Labor were “completely useless” in dealing with these breaches, the cyber Minister said.
“What we found with Optus and Medibank, I literally sat down with these laws and found they were absolutely bloody useless in helping me deal with the exact situation the former government had designed them for,” O’Neil said.
The roundtable in Sydney on Monday saw leaders from the public service and intelligence agencies meet with independent experts to discuss ways to incentivise best practice cyber behaviours, ways to grow the local cyber sector and raise awareness of cyber security practices in the general population.
Introducing the roundtable, Albanese said that cyber security is “fundamental” to the Labor government.
“We recognise it’s an essential part of life, the way that every Australian and every business and every community organisation deal with each other on a day-to-day basis,” he said.
“It’s absolutely critical as well for maintaining trust in our public institutions, and our public service.
“It’s critical to maintain confidence in your commercial dealings, and also in your intellectual property, which is often the foundation of your wealth.
“This is a really fast moving, rapidly evolving threat, and for two years Australia has been off the pace.”