Katie Allen (Higgins, Liberal Party) Share this | Hansard source

I would like to thank the member for Fisher for moving this motion and providing a great opportunity for members to speak on such an important matter to Australia, cybersecurity. It's no surprise that most of Australia's economy is running off the internet, and most businesses rely on online transactions and communications. Although this is the future, it also makes us vulnerable to cyberattacks.

Last financial year alone, the Australian Signals Directorate and the Australian Cyber Security Centre received over 60,000 cybercrime reports. That's one every eight minutes, and that's only those that were reported. In the last year, scams are estimated to have cost Australian businesses more than $140 million, at an average of $33,000 taken each time. There is no doubt that Australia risks many more cyberattacks in the future. Cyberattacks are low cost, hard to attribute and can be done at any time, anywhere.

Many of us have talked about sovereignty in territorial terms here in this place. But this is changing. Australians need to start the conversation about what it means for Australia to retain and protect its digital sovereignty. We need to protect our critical infrastructure to make sure that digital centres and our data are protected. That's why the Morrison government is investing $1.35 billion through the Australian Signals Directorate and the Australian Cyber Security Centre to keep Australians safer online. This is part of the $15 billion the government is investing in cyber and defence capabilities. As I've said, cyberattacks are low cost and can happen at any time. Anyone in Australia can become a target, whether it's our institutions, businesses or private citizens.

In September this year, Stonnington City Council in my electorate of Higgins was hit by a cyberattack. The council drew on assistance from the Australian Cyber Security Centre following the attack and was able to continue operating essential services while it dealt with the outage. But this affects the services that governments deliver. It affects the services that businesses deliver. It undermines our privacy. This attack emphasises the warnings from ASIO that councils across Australia can be subjected to cyberattacks, so too our genetic digital data. It's stored in services across Australia. We need to do more to protect our sovereign data, whether it's government, business or collated medical research data. Protecting it protects Australia's interests.

The government is committed to tackling cybercrime, including through developing the next National Plan to Combat Cybercrime, which will bring together the powers, capabilities, experience and intelligence of all jurisdictions to build a strong operational response to cybercrime harming Australians and Australia; investing $1.6 billion through the Cyber Security Strategy 2020; introducing legislation to bolster the powers of the AFP— (Quorum formed)

Sitting suspended from 13:15 to 13:19

As I was saying before the suspension, the government is committed to introducing legislation to bolster the powers of the AFP and the Australian Criminal Intelligence Commission to identify individuals and their networks engaging in a serious criminal activity on the dark web. We also plan to introduce legislation to uplift the security and resilience of Australia's critical infrastructure and provide $6.1 million for support services through IDCARE to protect Australians online, if they've been a victim of cybercrime.

It's not only what governments can do, however. Cybersecurity is a shared responsibility. It is vital that Australian businesses and organisations are alert to this threat and take the necessary steps to ensure our—and their—digital data is safe and ensure they're implementing good cyber practices, such as checking systems, making sure their apps are updated regularly and computer systems are at the latest version, and installing any available security patches. We want them to be mindful of links sent to email and other messaging systems, and we want multifactor authentication to make sure there's an extra step between your valuable data—like you bank account—and a cyberattack hack. We want to use passphrases, not passwords, and we want you to keep a backup of your data off your network.

I encourage all Australians to go to cyber.gov.au to find easy-to-follow guidelines on how to increase your cybersecurity online.

See this speech in context