On 6 August 2020, the Australian Government released Australia’s Cyber Security Strategy 2020.
The Australian Cyber Security Strategy 2020 will invest $1.67 billion over 10 years to achieve the government’s vision of creating a more secure online world for Australians, their businesses and the essential services upon which they all depend. It will be delivered through:
- Action by governments to strengthen the protection of Australians, businesses and critical infrastructure from the most sophisticated threats.
- Action by businesses to secure their products and services and protect their customers from known cyber vulnerabilities.
- Action by the community to practice secure online behaviors and make informed purchasing decisions.
Highly sophisticated nation states and state-sponsored actors continue to target governments and critical infrastructure providers. Australian government or state and territory government entities were targeted in 35.4% of the incidents the Australian Cyber Security Centre responded to in the year to 30 June 2020. Around 35% of incidents impacted critical infrastructure providers that deliver essential services including healthcare, education, banking, water, communications, transport and energy. A successful cyber attack against one of these services could have significant ramifications for the broader economy and Australian way of life.
While the new strategy is an Australian government initiative, the government recognizes the essential role of state, territory, local governments, businesses, academia, international partners and the broader community in strengthening Australia’s cyber security. Every part of government, business and the community has a role to play in implementing the Cyber Security Strategy 2020.
The strategy calls for businesses to produce secure products and services wherever possible as part of a strong and prosperous digital economy. A voluntary Code of Practice will set out the Australian government’s security expectations for the internet-connected consumer devices Australians use every day. The government will work with industry to consider and clarify the cyber security obligations of industry in the future, including through regulatory reforms.
Government and large businesses will assist small and medium enterprises (SMEs) to grow and increase their cyber security awareness and capability.
The Australian Cyber Security Strategy 2020 replaces Australia’s 2016 Cyber Security Strategy.
The new strategy was informed by extensive consultation. Between September 2019 and February 2020 the government met with more than 1,400 people from across the country in face-to-face consultations, including workshops, roundtables and bilateral meetings. It received 215 written submissions in response to a call for views. 156 of these submissions were public and have been published.
The Minister for Home Affairs also established an Industry Advisory Panel to provide strategic advice to support the development of the Australian Cyber Security Strategy 2020. The Industry Advisory Panel has released its final report available at 2020 Cyber Security Strategy Industry Advisory Panel.