Image: Asha Barbaschow/ZDNet
Hot on the heels of Prime Minister Scott Morrison telling the nation it was under cyber attack from an unnamed state actor, Canberra has made a AU$1.35 billion promise to Australia’s security agencies.
With the funding to be spread over 10 years, the Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) will receive the boost under a program called the Cyber Enhanced Situational Awareness and Response (CESAR) package, touted as being dedicated to boosting protection and cyber resilience for all Australians.
“The federal government’s top priority is protecting our nation’s economy, national security and sovereignty. Malicious cyber activity undermines that,” Morrison said, saying CESAR will ensure Australia has the tools and capabilities needed to “fight back”.
See also: Australian government, spooks, and industry all on different cyber pages
ASD will receive around AU$31 million to enhance its offshore capabilities; as well as around AU$12 million towards “new strategic mitigations and active disruption options”, which government expects will enable the ASD to work with Australia’s major telecommunications providers to prevent malicious cyber activity by “blocking known malicious websites and computer viruses at speed”.
This is in addition to AU$62 million to deliver a national situational awareness capability that will include education on what threats are targeting which sector, and advice on how to mitigate them.
ASD will also get AU$118 million to expand its data science and intelligence capabilities and around AU$20 million to establish research laboratories to better understand threats to emerging technology.
Meanwhile, around AU$35 million has been earmarked for the delivery of a new cyber threat-sharing platform for government and industry to share intelligence and block emerging threats in near real-time.
See also: Terrorism, espionage, and cyber: ASIO’s omne trium perfectum
CESAR also includes a AU$470 million investment to expand Australia’s cybersecurity workforce, with the government hoping to create over 500 new jobs within the ASD.
The package is expected to be further detailed in the government’s delayed 2020 Cyber Security Strategy, and also forms part of the Department of Defence’s AU$15 billion investment in cyber and information warfare capabilities under Defence’s 2020 Force Structure Plan.
The country’s current cybersecurity strategy was launched in April 2016, with a AU$230 million kitty.
“This investment will significantly strengthen our agencies’ ability to tackle these threats,” Home Affairs Minister Peter Dutton said, in his only remark on the entire AU$1.35 billion package.
ASD helping government and industry with cybersecurity follows the agency, alongside Attorney-General’s Department (AGD), saying earlier this month that while the pair sets directions on how to follow some of the Essential Eight mitigation strategies, cybersecurity is actually the responsibility of each government entity.
It was in direct response to the Joint Committee on Public Accounts and Audit probing the cybersecurity resilience of Commonwealth entities, which poked holes in current reporting requirements and highlighted a lack of accountability for when Commonwealth entities come up short.
In announcing Australia was under a cyber attack from an unnamed state actor, Morrison said his announcement was about raising awareness.
“We raise this issue today not to raise concerns in the public’s mind but to raise awareness in the public’s mind,” he said. “This is the world that live in, these are the threats we have to deal with.”