Michelle Price, Chief Executive Officer of AustCyber, followed on from the discussion of tech governance by highlighting the increasing intersection, or convergence, of technologies, the growing importance of digital technologies to Australia’s critical infrastructure, how so many more activities and businesses are therefore now part of our critical infrastructure, and the growing significance of individual and business behaviours and actions.
To set the scene Michelle noted that the cyber and physical economies are now deeply interconnected, that one in six jobs is now directly connected to digital activity and that 4 weeks of digital disruption would cost the economy $30 bn and 163,000 jobs.
She argued that we are at risk of ‘sleepwalking into convergence’ and that we need to be far more clear-eyed and aware of the digital tech decisions we make and the potential consequences for ourselves and our businesses but also for the economy and society more broadly – we need to see ourselves as individual actors in Australia’s cyber-security equation.
In her comments Michelle underscored the important role that digital technologies can play in recovery and that we cannot afford – economically or socially - to fall behind in making the most of these opportunities and that requires everyone to be focussed squarely on cyber decisions and security. Getting this right is “the most imperative public-private partnership”. For its part AusCyber is launching a ‘taste of AU cyber scape digital ecosystem’ that will provide visibility around all of the Australian cyber security and digital tools available. They are also working with Standards Australia on a digital tool for industry to understand how cyber security standards apply to them.
In discussing the Australian Government’s exposure draft of the Security Legislation Amendment (Critical Infrastructure) Bill, which proposes to substantially broaden the application of the Security of Critical Infrastructure Act 2018 (Cth) to new classes of critical infrastructure sectors including the communications, data storage and processing among others, Michelle noted that it is natural for businesses to be concerned at this cyber-critical infrastructure juncture. However, it is critical that they seek to understand the need to lift cyber security standards and capabilities – from a social, economic and national interest perspective.
Michelle concluded that businesses need to be open to the fact that their culture as regards digital tech and cyber needs to change, and they need to let go of outdated business models. There will be changes and costs to comply with the legislation, but this can and should be seen as an opportunity to transform their business by making good choices about tech that they adopt and deploy and these are applied to add benefits to customers and suppliers and the like. This doesn’t all need to happen overnight, and government must be mindful of reducing transaction costs associated with these changes wherever possible.
The final part of the conversation with Michelle addressed what she referred to a ‘internet ani-vaxxers’ those people who do not take the necessary actions to inoculate themselves and therefore Australia more broadly, to cyber security risks. She also stressed the importance of government regulations not inadvertently encouraging internet anti-vaxxers, arguing that ethical or ‘white hat’ hackers and ‘bug bounty’ programs should be enabled and encouraged, for instance.