2023 – 2030 Australian Cyber Security Strategy

Both the Discussion Paper and the Australian Cyber Security Centre’s Annual Cyber Threat Report 2021-22 highlight the scale of malicious activity in Australia — one incident is reported on average every 7 minutes. The impact of these activities is widespread and indiscriminate; they disproportionately affect the most vulnerable in society — the small-medium enterprises and individuals least able to protect themselves. Equally worrying are the potential effects of cyber-attacks on Critical Infrastructure, which undermines both public trust and our way of life.

Deloitte posits that a key outcome for the Strategy is to enable Australia to generate the scale, speed and ‘tempo’ to prevent, mitigate and respond to threats-at-scale to 2030 and beyond.

This will require us as a nation to come together to collaborate in unprecedented ways, leverage collective skills and resources deliberately and efficiently, and create effective synergies in many of the following areas:

• Cyber threat sharing and blocking at-scale
• Cyber collaboration through sectoral Information Sharing and Analysis Centres (ISACs)
• Government cyber uplift and leading by example
• Our national cyber workforce
• Evolving cyber security technologies
• Supporting international cyber resilience.

Deloitte’s submission examines these areas and offers actionable recommendations. As well as speed and scale, we emphasise the principles of co-design, incentivisation, collaboration and interoperability throughout our submission.

Taken as a whole, we believe our recommendations help support the creation of a national cyber security ecosystem that is greater than the sum of its parts. To become the most cyber-secure nation in the world by 2030, Australia needs to establish the necessary momentum, structures and coordination to defeat cyber threats-at-scale. We look forward to continuing to support this significant national endeavour.