Government progress on cybersecurity in Australia

Share on twitter
Share on linkedin
Share on facebook

Earlier this year, the Government’s cyber security advisor, Alastair MacGibbon, described a “prevailing ‘tick box’ compliance culture” for federal government agencies when it comes to cyber security.

Furthermore, in a report released in May the Australian Strategic Policy Institute (ASPI) recommended various areas where the Government needs to improve its approach to cyber security, particularly, in adapting and implementing the ‘National Cybersecurity Strategy 2016-2021’.

In more positive news, on July 6, the International Telecommunications Union (ITU), released its ‘Global Cybersecurity Index’, where Australia was ranked a top ten nation for its commitment to cyber security.

Cyber Security

By Dr. Drew Donnelly, Compliance Quarter

In a range of articles recently we have looked at technological developments which call for strong cyber security compliance requirements, including the Productivity Commission’s proposed data-sharing regime and developments in financial technology. Therefore, it is useful to explore the Government’s progress on cyber security. Today we look at the assessments of the ITU and ASPI on Australian cyber security and some areas that have been identified for ongoing improvement.

The Global Cybersecurity Index

The Global Cybersecurity Index (the index) measures the commitment of member states to cyber security. To make this assessment, it employs five ‘pillars’ representing features of a nation that are conducive to cyber security:

  1. Legal: legal frameworks and institutions for cyber security
  2. Technical: the presence of technical frameworks and institutions for cyber security
  3. Organisational: policy coordination institutions and strategies at national level
  4. Capacity-building: Research and development, education and training programmes etc aimed at fostering capacity building
  5. Cooperation: the presence of partnerships, cooperative frameworks and information sharing networks.

As well as its overall placing as 7th best in the world, Australia was ranked third in the Asia-Pacific region, behind Singapore and Malaysia. In particular, the index recognised Australian success in the technical arena. The certification programme for information security skills was singled out as an area of particular strength. The only pillar that Australia did not rank highly in was cooperation.

When the Government released its strategy last year it recognised the importance of improving in this area, claiming “Only Government can drive cooperation across the public and private sectors and ensure information is shared between the two.”

The ASPI review

ASPI recently reviewed the Government’s strategy and implementation progress to date. In light of their review they came up with several recommendations, including:

  • Adaptation of the strategy based on outcomes. ASPI pointed out that the Government has focused on assessing the actions it has taken to improve cyber security, rather than in assessing concrete outcomes, and adapting strategy accordingly.
  • Fixing the dispersed leadership of cyber security policy reforms across various government departments. This reinforces the assessment made by the ITU.
  • Better support for small-to-medium sized enterprises when it comes to cyber security awareness.


While the index aimed to measure cyber security commitment, it clearly emphasised the presence of certain frameworks and institutions being present in a country, rather than actual cyber security outcomes. The ASPI report also suggests that, one year into the Cybersecurity strategy, the emphasis is still on Government outputs, rather than outcomes.

Of course, the Government’s strategy is only one-year old, and many proposed reforms (such as the proposed data-sharing regime) are in their very early stages, so it is likely there will be more concrete process over the next couple of years.

Read the Index report here or the ASPI report here.

More to explorer

Window lights in multistorey house at night, Kuala Lumpur

A Guide to the Role of the Metering Coordinator

In the complex landscape of the electricity market, the role of the Metering Coordinator (MC) is crucial for ensuring the accurate measurement and efficient coordination of metering services. With the National Electricity Rules (NER) as the guiding framework, AEMO has published a guide to the role of a metering coordinator and this article serves as a summary of that role drawing on the guide. Understanding the Purpose and Scope: The Guide to the Role of the Metering Coordinator is specifically

Digital electric meters in a row measuring power use. Electricity consumption concept.

Roles and Functions in Electricity Metering: A Short Guide

Electricity metering is a complex process that requires the collaboration of various entities to ensure accurate measurement and efficient energy management. Understanding the roles and responsibilities of these entities is crucial for maintaining compliance and facilitating the smooth functioning of the electricity market. In this article, we will explore in detail the key roles in electricity metering, including Financially Responsible Market Participants (FRMPs), Metering Coordinators (MCs), Metering Providers (MPs), and Metering Data Providers (MDPs), as outlined in Chapter 7 of

Preparing to Apply for a Retailer Authorisation: A Comprehensive Guide

The Australian Energy Regulator (AER) oversees the authorisation process for energy retailers in Australia. If you’re considering joining this market, it’s crucial to understand the AER’s guidelines and requirements. This article will outline the preparatory steps your business needs to take before applying for a retailer authorisation.

Leave a Reply

Your email address will not be published. Required fields are marked *