I begin by acknowledging the traditional owners of the land on which we meet today, the Wurundjeri Woi Wurrung and Bunurong Boon Wurrung peoples of the Eastern Kulin and pay my respects to their Elders past, present and emerging.
As the Assistant Minister for Defence, Assistant Minister for Veterans’ Affairs and Assistant Minister for the Republic, I also pay my respects to Aboriginal and Torres Strait Islander men and women who have served our nation in the past and continue to do so today.
Thank you for the opportunity to participate in CyberCon.
It’s great to have the chance to speak to cyber security experts from such a wide range of organisations.
And it’s a pleasure to join you on the third day of the conference, with your discussions already in full swing.
I understand that you’ve heard from many speakers with different perspectives, and that the event has been a great success so far.
Bringing people with diverse experience together to share their insights is so important.
Our collective response to the challenges we face will be stronger if we work together across sectors.
Whether as individuals, or as leaders in business or government, we all have an important role to play in cyber security.
This truly is a national endeavour.
You will all be familiar with the details of the Optus data breach and will no doubt have already discussed the implications at length.
Let me take this opportunity to say that my heart goes out to the millions of Australians who’ve been caught up in this significant security breach.
People are understandably still angry, and still anxious about where their personal information might end up.
The full force of the Government’s cyber-security capabilities has been deployed to respond to the breach and this work will be ongoing.
Over the coming years, we anticipate that unless government and industry work together to address vulnerabilities and improve resilience, the scale and impact of cyber threats will continue to grow.
They are one element of the serious strategic tensions facing Australia…
Including the return of war in Europe;
Growing climate risks,
And enduring pandemic impacts, all of which are driving inflation, supply chain shocks and de-globalisation.
Russia’s invasion of Ukraine triggered an explosion in the level of malicious cyber activity around the world.
And malicious cyber actors are actively targeting individuals and small businesses in Australia.
In Australia last year, a cyber-security incident was reported to the Australian Cyber Security Centre – the ACSC – every 8 minutes.
The ACSC sees attacks increasing in severity and frequency.
My role as the Assistant Minister for Defence includes policy responsibility for information and communications technology and the Defence data strategy.
I can tell you that every single day, in almost every single way,
Defence networks are being attacked or probed for vulnerability by those who would do Australia harm.
The digital arms trade is booming and cyberspace is the new battle domain.
As much as every fighter jet, frigate or tank, our communication networks are critical to Australia’s Defence.
What is at stake is Australia’s national security.
To give you some idea of the scope and complexity of the ICT estate we have to patrol and protect:
Defence has a global ICT footprint that consists of more than 1000 networks;
That includes 10,000 servers;
Well over 100,000 end points;
30,000 mobile devices;
And it handles more than 16,000 terrabytes of data – and growing.
We run a vast global satellite communications capability
And networks that connect ships and submarines, aircraft and army.
Rapid advances in technology represent opportunities for Defence to secure technological advantages that suit our unique strategic situation.
But new technology must be adopted with security built in from the start.
A single vulnerability in a Defence system can put our men and women in uniform at risk, and result in an unacceptable threat to our nation and our national interest.
The 2022 Defence Information and Communications Technology Strategy and the Defence Cyber Security Strategy, which I launched at the end of August, are the twin pillars of Defence’s response to the opportunities and threats posed by digital technology.
Both strategies highlight the importance of building enduring partnerships with industry, academia and international partners.
The 2022 Defence ICT Strategy recognises that information and communications technology is central to the Australian Defence Force’s ability to operate on the modern battlefield.
The Defence Cyber Security Strategy outlines how Defence is working to enhance cyber security across its entire ICT ecosystem.
The strategies are two sides of the same coin.
We need to fully integrate ICT services and cyber-security capabilities to ensure that Defence is ready to fight and win in the Digital Age.
The strategies are living documents that will evolve and respond to changes in technology and our threat environment.
And they recognise that this will require a concerted and coordinated effort across the entire Defence ecosystem, from the Australian Defence Force and Australian Public Service personnel, to Defence’s industry partners and those in our supply chain.
Every day, Defence cyber security personnel are on the front lines, defending our national security.
So if you are interested in cyber security, Defence is interested in you.
We need cyber security specialists in Navy, Army and Air Force ….
We need them in the Australian Public Service at the Australian Signals Directorate…
And we need them in the Department of Defence…
I encourage you to check out what’s on offer at the Department of Defence, ASD and Defencejobs websites.
Defence is not just a purchaser and manager of technology.
We are a creator and a maker.
Technological innovation is now core business across Defence…
Through dynamic programs like the Defence’s flagship strategic innovation program – StaR Shots; the Defence Innovation Hub; the Defence Research Accelerator and the Next Generation Technologies Fund.
To give you one recent example, last month, Defence signed a $4.1 million contract with Penten Pty Ltd to develop an innovative method for active cyber defence using artificial intelligence.
And we signed a $698,000 contract with Outlander Solutions to develop a battlefield command, control and situational awareness software system using artificial intelligence and modern gaming technology.
Both proposals were funded through the Defence Innovation Hub – a $1 billion program that invests in the development of innovative Australian technology with the potential to deliver a capability edge to Defence.
To do what we need, at the speed we need, at the scale we need, Defence needs to build genuine partnerships with organisations, large and small, that have the expertise and skills to innovate.
And Defence increasingly works in partnership with the private sector to develop the cutting edge capabilities we need.
For instance, in just four years, the RAAF – in partnership with Boeing Australia and more than 35 Australian suppliers – was able to successfully design, manufacture and fly the first Australian-built military combat aircraft in 50 years – the MQ-28A Ghost Bat uncrewed autonomous aircraft.
This is world leading technology with combat, reconnaissance and surveillance applications.
Capabilities like this are of vital importance to keeping our country safe and secure.
The capability itself is a target.
And every one of our partners is a target for Australia’s adversaries, including cyber criminals and state-based actors.
Ensuring the cyber security of all of our military capabilities and the supply chains that deliver them is an essential focus now, and for the years ahead.
When you work in cyber security you are working a field that will shape the future of this country.
No matter what your business, or what your industry, the cyber hygiene of your business has consequences for your shareholders, your customers, your suppliers and your staff.
When you protect their data, you are helping to protect Australia.
Because every successful attack has the potential to affect our national security.
The CyberCon theme of “Resilience in a Cyber World” has never been more important.
I hope that you leave this Conference with new insights and best practices to help you better understand the threat environment and prepare you to meet the emerging challenges.
Thank you.