The Australian Government takes a coordinated, whole-of-nation approach to protecting Australians from cyber threats. Cyber security and online safety are a shared responsibility, and many Government agencies contribute to this collective effort alongside industry, the community, and the states and territories.
The Minister for Home Affairs is responsible for Australia’s cyber policy coordination and setting the strategic direction of Government’s cyber effort.
The Department of Home Affairs leads the development of national cyber security policy. It also coordinates the implementation of Australia’s 2016 Cyber Security Strategy and Action Plan. This strategy sets out the Government’s philosophy and program for meeting the dual challenges of the digital age – advancing and protecting Australia’s interests online.
A number of Home Affairs portfolio agencies also have cyber security roles and responsibilities:
The Minister for Defence is responsible for the Australian Signals Directorate (ASD), which is the Government’s lead operational cyber security agency. ASD seeks to make Australia the safest place to connect online by providing cyber security advice to the community, businesses and governments, and disrupting cybercriminals operating outside Australia.
The Australian Cyber Security Centre (ACSC) is part of ASD. It possesses a comprehensive understanding of cyber threats, and provides advice and assistance to help Australians identify and manage cyber risk. When serious cyber incidents occur, ASD – through the ACSC – leads the Government response to help mitigate the threat and strengthen defences. Staff from Department of Home Affairs, AFP, ASIO, ACIC, ADF and the Defence Intelligence Organisation are co-located at ACSC.
ACSC Joint Cyber Security Centres (JCSC) have opened in Brisbane, Melbourne, Sydney, Perth and Adelaide to bring together business and the research community along with state, territory and Commonwealth agencies to enhance collaboration on cyber security. JCSCs are a critical hub for business and governments to improve their cyber security practices and share information in a trusted and secure environment.
The Minister for Defence is also responsible for the Australian Defence Force, which defends against cyber threats to the nation’s warfighting ability and defence information networks.
The National Security Science and Technology Centre (NSSTC) within the Department of Defence coordinates national security scientific research and development. Cyber security is one its six science and technology priority areas.
The Minister for Foreign Affairs is responsible for leading Australia’s whole-of-Government international engagement to protect and advance our national security, foreign policy, economic and trade, and development interests in cyberspace.
The Department of Foreign Affairs and Trade’s cyber effort is led by the Ambassador for Cyber Affairs. The Ambassador is also in charge of implementing Australia’s International Cyber Engagement Strategy (ICES), both of which were outcomes of the 2016 Cyber Security Strategy. ICES prioritises and coordinates Australia’s whole-of-Government approach to international engagement across the full spectrum of cyber affairs – including digital trade, cybercrime, cyber security, human rights and democracy online, international security, Internet governance and technology for development.
DFAT is also responsible for managing the Cyber Cooperation Program, which supports activities that build cyber capacity across ASEAN and the Pacific consistent with priorities identified in the ICES.
Industry, Science and Technology
The Minister for Industry, Science and Technology is responsible for the Department of Industry, Innovation and Science that supports cyber security industry development, cyber security research and development, and cyber security advice for Australia’s small to medium enterprises. This includes through the Australian Cyber Security Growth Network (AustCyber), the Cyber Security Cooperative Research Centre, CSIRO’s Data61. It also includes a range of initiatives to raise the cyber resilience of small to medium enterprises delivered through business.gov.au, such as the Cyber Security Small Business Program.
State and territory governments
Partnerships between the Commonwealth and state and territories are key to advancing and protecting Australia’s interests online. State and territory governments have primary responsibility for the protection of life, property and the environment within the bounds of their jurisdiction. Australia’s Cyber Incident Management Arrangements (CIMA) outlines the inter-jurisdictional coordination arrangements and principles for Australian governments’ cooperation in response to national cyber incidents.
The Minister for Communications, Cyber Safety and the Arts has responsibility for online safety, and protecting Australians from harmful online content. This includes online safety initiatives for Australian children and adults, education and awareness raising of online safety and addressing cyberbullying of Australian children, technology facilitated abuse, and image-based abuse.
A number of other Government initiatives and entities provide information and helpful advice to keep children, families and businesses safe online. This includes the eSafety Commissioner, a position established in 2015 to coordinate and lead online safety efforts across government, industry and the not-for profit-community. eSafety plays a key role in educating children, parents and teachers on children’s online safety issues, including cyberbullying, image-based abuse, sexting and exposure to harmful and prohibited content. eSafety also has responsibility for a complaints service for young Australians who experience serious cyberbullying; identifying and removing illegal online content; and tackling image-based abuse.
The AFP is responsible for the ThinkUKnow program. This program provides educational resources to children, parents and teachers on specific law enforcement online safety issues, with a particular focus on child protection and exploitation.