Launch of Australia's International Cyber Engagement Strategy
Thank you Andy Penn for hosting us at this extraordinary Cyber Security Centre. Thank you Toby, and I commend you on your appointment as Australia's inaugural Ambassador for Cyber Affairs. I acknowledge Dan Tehan, the Minister Assisting thee Prime Minister for Cyber Security, who couldn't be here today, and the Shadow Minister Gai Brodtmann. I believe that James Caruso, the US representative in Australia, is also present.
It is a great pleasure to be here at Telstra to launch Australia's first International Cyber Engagement Strategy.
The internet and technology are permeating every aspect of our lives. It has transformed the way we work, the way we travel and shop, be entertained, and how we communicate.
In most respects, the impact of technology and its disruptive effect has been beneficial. However, the borderless nature of cyberspace presents us with as many challenges as it does opportunities.
The digital economy is already a major contributor to Australia's GDP – after all Australia has just set a world record, we are in our 26th consecutive year of economic growth.
For the internet to remain an accelerator of economic prosperity and sustainable development we must engage internationally, with governments, the private sector, and civil society to advance and protect our shared interests.
Government is increasingly reliant on cyberspace for all we do, and the growing dependence on global ICT networks increases the potential costs of disruption.
While nations are using cyberspace to drive economic growth and to improve the delivery of services for example, many are also exploring the use of technology for defensive and offensive applications.
This makes the management of cyber issues a matter of international strategic importance.
Just as we have international rules that guide how states behave and how states should behave towards each other, an international rules based order that has been in place for about 70 years, so too must states acknowledge that activities in cyberspace are governed by the same set of rules as military and security activities in traditional domains.
Recently I visited Estonia and I saw firsthand a most sophisticated advanced live-fire cyber defence exercise called "Locked Shields" – a scenario-based, real-time network defence war game with about 800 participants from 25 nations at the NATO Cooperative Cyber Defence Centre.
Estonia of course was swamped with cyber-attacks back in 2007, amid a dispute with Russia, and Estonia developed the Tallinn Manual on the international law applicable to cyber warfare, and I have a copy of this most interesting tome on my bookshelf.
Nations are working together to share best practice, share ideas, and work on how we can meet these challenges.
The fact is there must be rules that inform how states interact with each other, that restrict and regulate unacceptable conduct and ultimately protect and promote international peace and stability.
Non-state actors - terrorist groups and transnational criminal networks - have also extended their reach through cyberspace.
About two weeks ago I attended a meeting at the United Nations of global leaders who were focussing on counter-terrorism and how to ensure that the internet does not become a dark space that hides the activities of terrorists, and the major tech companies – Facebook, Twitter, Google – were all there to discuss ways how we can work together to address some of these issues.
Australia has developed offensive cyber capabilities – we are open about that and this Strategy that I'm launching today provides more detail on how we authorise and use these tools.
We put this information on the public record because we want to be clear that our capabilities must be used in accordance with domestic and international law, as well as norms of responsible behaviour.
While we champion an open and free and secure internet, I believe it is important for the security of our nation and the security of all Australians that cyberspace is not an ungoverned space.
Australia is playing a lead role in developing the governing rules for cyberspace.
In 2013, for example, we chaired a group of experts at the United Nations which agreed that existing international law applied in cyberspace.
In 2015 that same group agreed to a list of norms of responsible state behaviour including:
- that states should refrain from using information and communications technology to damage critical infrastructure, and
- that states should investigate malicious cyber activity that emanates from their territory.
The international community has made good progress delineating what states should and should not do in cyberspace, but boundaries are being tested.
The 2016 US Presidential Election focussed the world's attention on the potential for cyber operations to interfere with democratic processes.
This cannot be allowed to continue. It strikes at the very heart of the sovereignty of nations and Australia will guard against attempts to use such measures to interfere in Australia's domestic affairs or seek to undermine our institutions.
More broadly, Australia will cooperate with international partners to detect, deter and respond to malicious cyber activity by states and their proxies.
It is in all of our interests to ensure states follow the rules in cyberspace. Having established a firm foundation of international law and norms, we must now ensure there are consequences that flow for those who flout the rules of the road.
This Strategy sets out our plan to tackle these and other issues.
Digital technologies are powerful enablers for economic growth, for sustainable development.
Globally, data flows are now estimated to generate more economic value than the global trade in goods.
Our region is home to some of the most advanced digital economies, as well as countries whose digital development is still in very early stages.
It's in partnership with countries of the Indo-Pacific, our region, that Australia can best leverage our capacity building resources.
Partnership is vital and we will continue to combine the unique and complementary skills of individual countries, the private sector, civil society and the research community.
Improved connectivity and access to the Internet across the Indo-Pacific will generate economic growth for countries in the region and also provides new market opportunities for Australian businesses.
We are encouraging the use of robust technologies for e‑governance and the efficient delivery of services.
We are piloting a Pacific Connect program that brings together Pacific and Australian leaders from public and private sectors to collaborate and build relationships between governments, communities and businesses.
We are acutely aware that technological disruption will mean that many of today's jobs won't exist in the future, they be replaced through automation, robotics, artificial intelligence. We are also aware that many of today's students will be working in jobs and industries that don't yet exist.
So we are helping to develop a digital-ready workforce and promote our region's further integration into the global market place.
Within the Department of Foreign Affairs and Trade I have established the innovationXchange – this is an ideas hub that brings together creative, innovative thinkers from the public sector, from the private sector. We've had people interning from the World Bank, from USAID, from Google, from across the private sector, and we come up with an intractable development issue, we give it to the group and say "find a solution". They have come up with some extraordinary ideas, we choose the best, we scale them up, we pilot them and if we think that they are beneficial, effective, efficient, we roll them out across our aid program.
We've entered into a number of partnerships with philanthropic organisations, with other governments, with research institutions and one that I want to mention today in the context of jobs of the future is: we partnered with the Massachusetts Institute of Technology (MIT) in their Solve-a-thon, which is a more sophisticated hack-a-thon, and with Atlassian, the Australian tech company, we are focussing on the challenge of youth and skills and the jobs of the future.
We've had responses to this challenge from all over the world, and last month I had the opportunity to announce the winners of the Solve-a-thon Challenge on Youth, Skills and the Workforce of the Future, with Queen Rania of Jordan, who is a patron of MIT Solve-a-thon.
These winners announced in New York included the overall winner of the Challenge, the international innovation network WeRobotics, and WeRobotics will set up a hub in the Pacific to train young people and their communities in drone and robotics technology, and that will help prepare them for 21st century jobs.
With such a great success to build on, I'm pleased to announce that the Ambassador for Cyber Affairs in conjunction with AusCyber will soon launch a Technology for Development challenge for entrepreneurs and start-ups from Australia and the Indo-Pacific to find innovative technology-based solutions to regional development challenges.
Last year I announced a $4 million Cyber Cooperation Program to improve cyber security in the Indo-Pacific over four years. Today I announce an additional $10 million for the Cyber Cooperation Program to support implementation of our International Cyber Engagement Strategy.
The Cyber Cooperation Program funds many projects and I will just highlight a few of the flagship initiatives.
Australia's Computer Emergency Response Team (CERT) is leading the establishment of a Pacific Cyber Security Operational Network. This network across the Pacific will share information, collaborate on best practice, and develop cyber security incident response capabilities in the Pacific I'm delighted that 11 Pacific countries have already indicated their support for the network and expressed their interest in becoming founding members, and I'm confident that others will follow.
Secondly, we are providing scholarships for students from the region to study a new Cyber Security Postgraduate Diploma at the University of the South Pacific.
We will continue to work with police, prosecutors and judges in Pacific countries to improve our collective capacity to detect and prosecute cybercrime.
I should also acknowledge that Australia is supporting the Freedom Online Coalition and Digital Defenders Partnership, because Australia recognises that human rights apply online, just as they do offline.
You'll note throughout this Strategy that "partnership" is the watch word.
The Australian Government appreciates that, to deliver on our ambition to increase regional cyber capacity, we need innovative partnerships with the private sector.
With Andy Penn and Tobias, I have just toured the private sector showcase here this morning and noted a number of really great initiatives.
I think the Association of Asia Pacific Airlines, supported by the Qantas Group, is working with the DFAT and the Singaporean Ministry of Transport, to enhance regional aviation cyber resilience is a very important initiative to build confidence in regional aviation.
Palo Alto Networks will conduct technical and other cyber security training for ASEAN businesses, in partnership with industry, and this will complement the initiative to translate our very own Australian Signals Directorate's world leading "Essential Eight" mitigation strategies – we are going to translate them into the 10 official languages of ASEAN member states. I acknowledge the presence here of Director-General Paul Taloni.
Many of you will have watched Telstra's cyber security awareness videos this morning, and they are informative and they are entertaining, and we are working with Telstra to incorporate them, along with associated training materials, into Australia's regional capacity-building workshops.
Our Strategy also creates new mechanisms for domestic consultation on international cyber issues. We can't do this alone, government doesn't have all the answers so we will be supporting an annual community-led Australian Internet Governance and Cooperation Forum, to inform the positions of all internet stakeholders.
We will also establish an Industry Advisory Group that is going to meet biannually to facilitate public-private collaboration on Australia's international cyber engagement.
So our International Cyber Engagement Strategy must guide our efforts to ensure that the internet remains free, open and secure – and the mandate of our Strategy is broad and ambitious.
The work is vital to our national interest and will be referenced in the upcoming Foreign Policy White Paper, that I will be releasing later this year, which will be setting out a framework for Australia's international engagement over the next 10 years, and of course our Cyber Engagement Strategy will underpin much of our work, which will be in a far more complex, competitive and tested world.
Our International Cyber Engagement Strategy – which I am delighted to launch today – sets out our plan to mitigate the risks and harness the opportunities across the full spectrum of cyber affairs:
- from digital trade to cybercrime
- from international security to international cooperation, and
- from human rights to sustainable development.
I encourage you to read the Strategy – it's a great read actually – take the opportunities and work with our team headed up by our Ambassador for Cyber Affairs, and help Australia take full advantage of the digital age.
The cyber world awaits us!