Bill Shorten (Maribyrnong, Australian Labor Party, Leader of the Opposition) Share this | Hansard source

by leave—I thank the Prime Minister for his statement and the opportunity for the House to address such an important matter. The integrity of our democracy and trust in our political institutions are fundamental to our national security. I agree with the Prime Minister that, whatever the rhetorical, political or, indeed, substantial differences between government and opposition on any given day may be, whatever disagreements and disputes may consume the parliament even in the coming hours, when it comes to national security, we all have a joint obligation; we're in this together. Keeping Australians safe isn't a political slogan; it's the highest priority of every political party and every member of this place. So, obviously, the attempt at hacking the Parliament House network is a source of grave concern to us all.

Australia is not exempt or immune from the kind of malicious activity that we've seen elsewhere. Over the past few years, we've witnessed a range of attempted infiltrations and manipulations in the democratic processes of Germany, Japan, Ukraine, the United Kingdom, the United States, France and Canada. We cannot be complacent and, as this most recent activity reported by the Prime Minister indicates, we are not exempt or immune.

Now, as the Prime Minister has indicated, government institutions, such as our electoral commissions, are largely well protected, but our party political structures perhaps are more vulnerable. We've seen overseas that it's progressive parties which are more likely to be targeted by ultra-right-wing organisations. Political parties are small organisations with only a few full-time staff, yet they collect, store and use large amounts of information about voters and communities. These institutions can be a soft target, and our national approach to cybersecurity needs to pay more attention to non-government organisations. Our agencies shouldn't be just providing advice to political parties but actively assisting in their defence. I have to say today to people listening in parliament that my words are not just about political parties but also about Australia's small and medium businesses, our educational institutions and individuals.

Everything that depends on internet technology, even if it is not actively connected to the global internet at all times, is part of cyberspace. Cyberspace is a fully functioning reality. It's an ecosystem. The virtual world of cyberspace has created an ecosystem—new domains of human experience and millions in communities within it that mimic the real world. It's an ecosystem that has generated prosperity, opportunity and profound benefits to millions. It is an ecosystem, though, that has also spawned multiple threats to individuals, businesses of all sizes, critical infrastructure, national security and our democratic systems. It is an ecosystem that is growing rapidly each and every day.

In 2015, it was estimated that 25 billion devices were connected to the internet. That is eight times the number of people considered to be online. In 2020, the number of devices connected to the internet is estimated to increase to 50 billion devices. So the economy is no longer merely enabled by cyber; cyber is part of the economy, and we're all connected in that economy. Cybersecurity affects every Australian in every way, nearly every day. So we need every Australian equipped to preserve and protect our institutions, our freedoms and our values. It means improving awareness of cyber-risks and strategies to guard against them. It means that we need to train up more Australians in our universities, TAFEs, research centres and workplaces to fill national skill shortages in cybersecurity.

In closing, I have to say that I have great trust in our security agencies and their professionalism to do all that they can to protect our nation against cyberthreats. But we constantly need to ask ourselves if our settings are right. The Commonwealth National Cyber Security Adviser is dual hatted in his policy role, reporting to the Secretary of Home Affairs but also, as operational head of the Australian Cyber Security Centre, reporting to the Director-General of the Australian Signals Directorate. Some are concerned that this dual-hatting creates fragmentation and stovepiping. We need a cohesive national approach through the Cyber Security Centre as a single entity responsible for managing the cybermission in totality and reporting up through a single chain. We perhaps need to consider whether the Cyber Security Centre should be the single point of contact and accountability for all cyber-related communication, reporting, incident response, crisis communication, management, threat intelligence capability operations and policy. This centre should remain based in the Defence portfolio and continue to report to the Director-General of the Australian Signals Directorate.

The threats we face in this field are always evolving and changing, so we must continue to adapt and update our methods and defences because what we are defending—the integrity, transparency and health of our democracy—matters to every decision that we make in this place and to every Australian we serve.

See this speech in context