Topics: Cybersecurity; Fed.
Bolstered by the Cyber Security Strategy, Defence White Paper and National Innovation and Science Agenda, Australia has improved its “cyber maturity” ranking and nudged ahead of Singapore in the Australian Strategic Policy Institute’s 2016 study of Asia-Pacific nations.
The Cyber Maturity in the Asia-Pacific Region 2016 report investigates the cyber capabilities of countries in the Asia-Pacific region, including “the presence, effective implementation and operation of cyber-related structures, policies, legislation and organisations.”
“The cyber indicators cover whole-of-government policy and legislative structures; responses to financial cybercrime; military organisation; business and digital economic strength; and levels of cyber social awareness”, the report states.
Of the 23 countries from South, North and Southeast Asia, the South Pacific and North America that were assessed, Australia received a weighted score of 80.9 out of 100 for its cyber maturity – an improvement on its 2015 result where it ranked fifth with a score of 79.9. This was enough for Australia to snatch fourth position from Singapore who arrived at a score of 80.2.
South Korea improved on its 2015 score of 82.8 to rank second with 83.6, which saw it jump ahead of Japan, whose score fell from 85.1 in 2015 to 82.9. The United States retained first place, but its score fell from 90.7 in 2015 to 88.1.
In the Institute’s 2014 report, Australia ranked third with a weighted score of 75.8 behind the US (86.3) and the United Kingdom (81.2). At this point, South Korea, Japan and Singapore were ranked fourth, fifth and sixth, with the respective scores of 75.5, 75.3 and 74.7.
Australia scored highly for the report’s governance, cybercrime enforcement, military application and business indicators, but fell down in the social indicator, which measures the percentage of the population that has fixed broadband internet connectivity.
The report highlights the recent publication of the 2016 Cyber Security Strategy, which allocated $195.1 million in new funding to several departments and agencies, and the 2016 Defence White Paper as contributing to Australia’s improved governance on cyber matters.
“The release of Australia’s new Cyber Security Strategy, the first since 2009, as well as the National Innovation and Science Strategy and Defence White Paper, has revitalised the approach of the Australian Government to cyber policy, cybersecurity and digital commerce.”
It cites the creation of new leadership positions, including the Minister Assisting the Prime Minister on Cyber Security, the Special Advisor to the Prime Minister on Cyber Security and the Cyber Ambassador, as “evidence of the importance the government places on cyber policy issues and a move to have clearer responsibilities and accountabilities for cyber policy decisions.”
While the report mentions the suspension of the Census website on August 9th it views the incident in a positive light, suggesting that the event should focus further attention on cybersecurity.
The outage is currently being probed by the Special Advisor to the Prime Minister on Cyber Security Alastair MacGibbon in collaboration with Department of Prime Minister and Cabinet, Australian Signals Directorate (ASD), Office of the Australian Information Commissioner, Department of Finance, Treasury, the Digital Transformation Office and Attorney-General’s Department, according to his submission to the inquiry into the 2016 Census by the Senate Economics References Committee.
Earlier this month, MacGibbon said the Denial-of-Service attacks responsible for the outage impacted the trust and confidence in government systems.
Australia’s score on the report’s military indicator also saw marginal improvements during 2016 thanks to Prime Minister Malcolm Turnbull’s declaration of the ASD’s offensive cyber capabilities in April 2016, despite lamenting the Defence White Paper for not adequately describing the departments approach to cybersecurity and operations.
“While the White Paper makes a welcome commitment to new funding and staff for cybersecurity operations and research, it doesn’t describe the Defence organisation’s approach to cybersecurity and operations.”