Australian cyber policy
This is a key theme of our work. Here are some highlights.
Submission on Evaluating Australian Cyber Policy
The Social Cyber Group responded to the Australian government's call for recommendations on an evaluation framework for the country's cyber security policies. In April 2023, Dr Greg Austin submitted this proposal to the Expert Advisory Board. The submission recommended a laser-like focus on recuing cyber harms, against the back ground on steadily increasing cyber damage to the country.
Is Australia Weak on Fighting Cyber Crime?
The Social Cyber Group has offered recommendations to the Australian government to help the country do better in fighting cyber crime. The suggestions can be found in its Six Point Plan for Cyber Policy Reform submitted to the government's review on cyber security last Friday.
Police forces in Australia should improve or create statistical reporting of cyber crime in their jurisdictions to an agreed national standard, including data on successful prosecutions, and annual expenditure on countering cyber crime, and such reporting should be widely publicised. The reporting should include international comparisons.
JUSTIFICATION: Cyber crime statistics in most jurisdictions in Australia are poorly organised and lack credibility, not least because of a lack of focus on reporting on prosecutions undertaken and their success. Absence of such credible reporting, supported by specialist analysis, is a key obstacle to effective public policy not just for countering cyber crime but for giving the public and governments an honest accounting of the cyber security environment.
Evaluating Cyber Policy Reform
Dr Greg Austin delivered a presentation at the Australian Cyber Security Conference in Canberra (20-22 March 2023) on this theme. Here is a synopsis of the presentation and his SCG Discussion Paper on the same subject.
As the Australian government launches yet another cyber security strategy, it would be timely to debate the benchmarks by which the new policies and their implementation can be evaluated. This session will explore three factors that can be central to such efforts -- a sense of urgency, a commitment to coherence, and investment of political capital for comprehensive (in-depth) reform. All three elements depend on shared leadership by governments, industry, and community actors (especially educators). These three elements were not as visible in the past six years of implementation by the leaders responsible as they needed to be.
The USA and the UK both have done better at cyber security reform than Australia. This session will compare and contrast the various experiences of the three countries, giving some prominence to the opportunities for better outcomes created by the Five Eyes intelligence alliance.
The session will also draw on the presenter's work with the IISS where he has coordinated research over three years on the cyber policies of 25 countries, including Australia, Indonesia, Singapore, China, Russia, the US, the UK, Nigeria and Brazil. This work for IISS also provides insight into the relationship between civil sector and national security cyber reforms. In Australia, we see a mismatch between the high level commitment to and capability of government for cyber security in the national security field and the more desultory outcomes in the civil sector. The session will look at possible explanations of this to see if anything can be learned for advancing the goals of urgency, coherence and depth.
The session will draw on insights from the presenter's in-depth research over more than ten years on cyber policy in Australia and China, his books on 'Cyber Security Education' and 'National Cyber Emergencies', and his work for the various ministries of defence on warfighting in future information environments.