Cyber reforms to improve personal and economic security for Australia

The traditional lament about our personal security has been that we no longer live in a world that our parents recall, where you could leave your doors unlocked without fearing a break in. Now we can add another end of innocence to the bygone days as the pace of technological change speeds up towards the internet of everything. The early days of digital connectivity, when we could leave our digital doors unlocked without too great a fear of a break in now seem a distant memory.

Australians have embraced the online world at a rapid rate to do business, shop and access information in all forms and to all tastes. Most of us already use the internet from multiple devices and locations and by 2017 almost 90 per cent of us will be online. Already, two-thirds of Australians have social media accounts, which the majority use daily. Correspondingly, Australian business and commerce has necessarily become increasingly dependent on high volume data storage and a range of online trading platforms and many businesses exist only online. The end effect is that more and more of us are doing, buying and communicating more and more online. It is estimated that Australia’s internet based economy could jump from $79 billion last year to $139 billion in 2020.

The rapid growth in our business and communications online has meant increased personal choice and radical improvements in commercial efficiency but it has also offered abundant new opportunities for people engaged in the oldest criminal activities of theft, fraud, criminal damage and espionage. As individual Australians we have worked out the growing need for cyber security by the same process that we worked out the need to lock our back doors – by bitter experience. In 2014 more than one million Australians reported having been the victim of identity theft. The experience is a criminal violation which is traumatic, time consuming to rectify and potentially very costly if bank accounts are compromised.

The examples of economic loss for business are also everywhere. In 2011 an innovative Australian communications, metal detection and mining technology company had its information systems hacked and sensitive design information stolen, with the end effect that the value of its product collapsed by half. In 2013 Whitehaven Coal experienced a temporary crash of more than $300 million in its share price after a “hacktivist” issued a fake press release from ANZ Bank claiming it had withdrawn a $1.2billion loan facility into the company’s Maules Creek mine project. Last year the estimated cost of cybercrime to the Australian economy was $1 billion (with the global cost being $500 billion).

In government we are well aware of the ongoing challenges we face to detect, prevent and deter those who seek to infiltrate our national data systems to steal security information or damage critical defence and infrastructure systems. Already we have made big steps forward in securing our platforms. Most recently, the Coalition created the Australian Cyber Security Centre (ACSC) – a $14.6 million investment to co-locate all the critical agencies charged with protecting our defence, justice and security information systems. We have also invested $3 million for cybercrime reporting and $10 million on countering email spam and online scams.

Last week the ACSC released its first unclassified threat assessment, highlighting the extent of the threat landscape and the reach that cyber actors have in Australia. The report emphasised that cyber espionage and cybercrime pose a significant risk to our national security and economic prosperity.

What has become obvious is that the only way to combat online criminality is for business and government to work together on strategies for responding to cyber threats. The Prime Minister’s Cyber Security Summit in July was the first of many discussions between Government and business leaders. The type of information sharing at the Summit was unanimously considered by the participants to be the necessary platform for further reform that will emerge from the Government’s current Cyber Security Review. Every organisation present recognised that we cannot make Australia a hard target for cybercrime without high levels of co-operation between government and business and by businesses assisting each other.

Tomorrow I will be in Sydney to continue these discussions with an Industry Cyber Roundtable to develop practical ways to progress the partnership on cyber security. Further to these important discussions with industry, the National Cyber Security Strategy will be released in the coming months and will provide guidance across all sectors of the Australian economy to increase our position as a hard target for potential adversaries.

Lifting the standards of cyber security across government and business not only protects us against loss, it will help maximise future gains. Heightened cyber security will also increase the connectivity between people and businesses and so create new markets for business, and the very skills we will develop in the process will themselves foster the innovation and entrepreneurship that will set us in the middle of the dynamic new online economy.

Christian Porter is the Parliamentary Secretary to the Prime Minister