C yber Se cu rity
Cyber Security and Manufacturing in the Defence Sector The recent announcement by the Federal Government of the acquisition of nuclear-powered submarines is amongst the most significant defence capability decision in Australia’s history. This decision complements the Governments ongoing transformation of the Australian defence industry into a fundamental part of our national security and economic foundations. Supporting Australia’s sovereign defence industry is central to the Government’s Defence plan, and the stakes are now even higher to ensure we protection these investments and provide sufficient priority to security matters, including cyber security. The financial rewards for investing in defence capability are high with the Government investing $270 billion over the next 10 years to upgrade the capability and potency of the Australian Defence Force (ADF), but the risks are equally significant. Defence industry plans include investing in more lethal and longrange capabilities and area denial capabilities. There will be investment in capabilities to give Australia better awareness of our region and to support regional engagement and increase our air and sea lift capability. The Government has stated the aim is to develop more durable supply chains, while further strengthening Australia’s sovereign defence industry to create more high tech Australian jobs and enhance the self reliance of the ADF. Australia faces a range of sophisticated and persistent espionage and foreign interference threats from hostile foreign intelligence services. Many of the adversaries targeting Australia are highly capable and have the intent and persistence to cause significant harm to our nation’s security, information, assets and people. Businesses must ensure they are cyber secure and resilient as we become more connected and engaged in Defence work and in light of the rise 78
in use of digital technology result of this pandemic. Companies must develop robust and effective security practices and procedures and remain every vigilant if they are to be considered as part of Defence’s supply chain. Last year’s Government announcement relating to malicious actors targeting Australian business was a timely reminder. The latest annual cyber threat report by the ACSC also highlights that cyber threats are increasing with cybercrime reported every eight minutes in Australia in the 2020-21 financial year. And we need to bear in mind that those are only the reported incidents, noting that they may not reflect all cyber threats and trends in Australia’s cyber security environment. Indeed, Australian businesses are becoming more aware of security risks, particularly in the defence industry which has experienced several highprofile attacks. These kinds of attacks can have serious impacts of Defence capability, the financial viability of businesses, as well as Australia’s competitive position in global markets. Even though Defence and industry have learned from these experiences, threats and associated risks are constantly evolving so Defence and industry must too. Protecting against cybercrime, espionage, unauthorised access is becoming increasingly challenging for governments and businesses of all sizes. However, there are many things you can do to raise your levels of security protection and minimise your risks. To support industry in dealing with those risks, Ai Group developed a guide in cooperation with Defence and other Government agencies, Working Securely with Defence, which was released in February 2021 and is available at aigroup.com.au in the defence sector section. The purpose of this guide is to help provide guidance for businesses
to become eligible for classified and sensitive Defence work through participation in the Defence Industry Security program (DISP). There are a range of industry tips, case studies, links to relevant resources, assistance, contacts and templates. The information will help business put together their applications for membership of the DISP. The DISP helps businesses get the right security requirements when delivering Defence contracts and tenders and gives access to Defence security advice and support services. Importantly it helps companies to better understand and manage security risks across their business and gives confidence to Defence when procuring goods and services from industry members. As Australian businesses emerge fully from COVID restrictions they will be looking for new opportunities. Defence is one sector where such opportunities will be in abundance over the coming decades. But businesses will need to prepare including developing their security capabilities to the appropriate level required by the Government and potential partners in the industry. The development of a nuclear-powered submarine program only makes this important work more significant for Australia’s national security and stability. Kate Louis is Executive Director of Ai Group’s Defence Council.
