The scale and sophistication of cyber threats to Australia and the Indo-Pacific is increasing. In Australia, it is estimated that malicious cyber activity targeting businesses costs the economy up to $29 billion annually. The way we create, use, store and transmit information is changing, producing new vulnerabilities. Critical technologies will inevitably create new means and methods for actors to conduct malicious cyber activity, while also assisting efforts to defend against these threats.
Australia cannot, and does not, act in isolation in addressing cyber threats. International partnerships create opportunities for information sharing, operational collaboration and support, and cooperation to build technical capacity.
Enhancing the cyber security of Australia enhances that of our region. Australia's security, and those of our partners, benefit from growth in our collective cyber security capacity. As the Indo-Pacific's dependency on cyberspace grows, protecting the confidentiality, integrity and availability of critical networks and infrastructure is vital to ensuring the region is characterised by political independence, inclusive economic growth, stability, security and resilient societies.
Through the Cyber Security Strategy 2020, Australia is investing $1.67 billion over the next ten years to equip ourselves with the capabilities needed to respond to growing cyber threats. The Strategy was informed by extensive stakeholder engagement and an expert Industry Advisory Panel.
Key initiatives include enhanced protections for critical infrastructure and systems of national significance, and greater support for businesses and individuals to develop their cyber security resilience. In addition, Australia's voluntary Code of Practice: Securing the Internet of Things for Consumers provides clear advice to businesses on the cyber security features we expect of Internet-connected devices available in Australia.
Cyber security engagement
Strengthening the region's cyber security strengthens our own. Enhancing the cyber security capability of Indo-Pacific partners is a focus of Australia's international cyber security engagement. We maintain a wide range of bilateral, multilateral and multi-stakeholder dialogues with regional and international stakeholders that enable us to meaningfully engage on cyber and technology-related issues of mutual interest, including cyber security.
Australia will continue to engage with regional partners to help mature cyber security and incident response capabilities and posture in the Indo-Pacific. This aligns with the Boe Declaration on Regional Security (agreed by Pacific Leaders in 2018), which confirmed cyber security as a key emerging security challenge for the region, and builds on the ASEAN Leaders' Statement on Cybersecurity Cooperation (agreed by ASEAN Leaders in 2018), and bilateral agreements with Singapore, Indonesia and Thailand. The ACSC leads operational and technical cyber security engagement, including with regional partners through the Pacific Cyber Security Operational Network (PaCSON) and the Asia Pacific Computer Emergency Response Team (APCERT).
Cooperative information sharing is fundamental to the ability of Australia and our international partners to effectively address the growing scale, sophistication and diversity of cyber threats. Australia is committed to fostering trusted cyber threat information sharing networks, such as PacSON and APCERT, which ensure all members are well placed to take informed cyber security actions in their respective countries. The ACSC will continue to produce public guidance and threat advice to assist Australia and our international partners to effectively address the most serious cyber security challenges.
Through our Cyber and Critical Technology Cooperation Program, Australia will support the delivery of tailored cyber security and incident response assistance to computer emergency response teams (CERTs) in Tonga, Vanuatu, Samoa, Fiji and the Security Operations Centre in Solomon Islands. This will boost our region's collective cyber security. These efforts will be complemented by the Pacific Fusion Centre, which provides cyber security media monitoring and strategic level analysis to empower Pacific decision makers to better identify and respond to regional cyber security threats.
Australia provides a voluntary contribution (in addition to our member-state contribution), to the International Telecommunication Union's (ITU) Development Sector each year to fund and implement activities such as cyber security training and capacity building in the Indo-Pacific region, with a particular focus on the Pacific. These activities are delivered in close collaboration with the ITU offices in Bangkok and Jakarta, and complemented by our support for the annual Policy and Regulatory Forum for the Pacific as a member of the Asia-Pacific Telecommunity. We also work with APEC members to advance the development of ICT infrastructure and services in the region and to promote a trusted and secure ICT environment through the APEC Telecommunications and Information Working Group (APECTEL).
AUSTRALIAN CYBER SECURITY CENTRE GUIDANCE AND COVID-19
THE PAPUA NEW GUINEA AUSTRALIA CYBER SECURITY COOPERATION MEMORANDUM OF UNDERSTANDING
The memorandum of understanding (MoU) demonstrates our commitment to ensuring cyber security underpins regional economic growth. Australia has committed $14 million (2018–19 to 2021–22) to protect critical Papua New Guinea networks. Our partnership also includes work to strengthen Papua New Guinea's cyber security governance arrangements, and build its cyber security community of practice by delivering ongoing accredited cyber security training for Papua New Guinea's government and industry staff. This work is enabling Papua New Guinea to better understand the cyber threat landscape and make informed decisions on its digital connectivity and telecommunications infrastructure needs.
