Evaluating Australian Cyber Policy Reform: Urgency, Coherence, and Depth
- Editors
- Feb 13
- 2 min read
The Australian government is preparing a new cyber security strategy to cover the period 2023 to 2030. As part of the deliberations, it called for submissions on key issues, including an evaluation framework for the new strategy. This paper responds to that call.
It offers reflections on a system of benchmarking and assessment by which the strategy and its implementation can be judged. In doing so, the paper offers a critique of existing approaches as the country wakes from what the government has called a ‘cyber slumber’. Three factors will be central to the success of the new commitments—a sense of urgency, a commitment to coherence between policy pillars, and investment of political capital for deep reform in individual pillars. All three factors (which we can also take as indicators of performance) depend on shared leadership by governments, industry, and community actors (especially educators). Any government strategy must be judged by its results. If there is not a visible reduction in cyber harms brought about government policy, this would appear to suggest persistent shortcomings in policy. Successive cyber security strategies (in 2009, 2016, and 2020) have not been able to show such results (reduction in cyber harms) even though the country has benefited from a visible uplift in many pillars of cyber security preparedness. Building off that discussion, the paper proposes eight principles for an evaluation framework. There should be a single overarching evaluation of the entire strategy (to ensure coherence between policy pillars) every four years as well as separate evaluations of each policy pillar, every two years. The new framework for evaluation will require much improved efforts at data collection on progress of the strategy. The data collection will need to be informed by sophisticated criteria, sustained on a continuing basis, and managed by reputable and independent social scientists experienced in public policy.
Comments