Cyber policy

Budget Review 2018–19 Index

Helen Portillo-Castro

The Minister for Foreign Affairs, Julie Bishop, described cyber as ‘the new frontier’ in her address to the National Security Summit the day after the 2018–19 Budget was released. Minister Bishop stated that ‘cyber-related threats to Australia and our region are increasing in number, type and sophistication’.[1]

In February this year, the Minister for Home Affairs, Peter Dutton, highlighted public expectations with regard to cyberspace, noting the ‘public’s access to and dependence on cyber space has become almost akin to its access to other services, such as the supply of water’.[2] Minister Dutton foreshadowed the prevention of cybercrime and cyberattack and the promotion of ‘cyber resilience’ as core objectives of the new Home Affairs portfolio, which now has carriage of the Government’s 2016 Cyber Security Strategy (the Strategy).[3] The Home Affairs 2018–19 Portfolio Budget Statements stipulate the performance criterion for the relevant programs involved in providing ‘timely, relevant and forward leaning cyber security policy advice, to protect and advance Australia’s interests online’.[4] There is, however, no explicit detail in the Budget on how any particular measure ties in with the Strategy, or the specific outcomes being sought in cyber policy.

The Strategy included an action plan to achieve several strategic goals by 2020, based on measures initially funded in the 2016–17 Budget.[5] Despite the lack of detail on whether the Government is on track to achieve those goals, this year’s Budget does contain a number of measures that relate to the implementation of that action plan—and not only in the Home Affairs portfolio.[6] Budget measures that explicitly mention cybersecurity outcomes span the Foreign Affairs and Trade, Health and Jobs and Innovation portfolios.[7]

An array of cross-portfolio measures relating to the broader strategic cyber context are contained in two packages—‘Delivering Australia’s Digital Future’ and ‘Australian Technology and Science Growth Plan’. Several of these new measures are covered in other Budget Review briefs.[8] Additionally, there are measures targeting criminal behaviour online, as well as abuse that falls short of the criminal threshold.[9]

The distribution across portfolios, however, reflects the ‘[increasing reliance] on the internet in many aspects of our society and economy’ that the Minister for Foreign Affairs mentioned in her address on 9 May 2018.[10] The spread of cyber-related issues across portfolios is also illustrative of the convergence of distinct policy arenas in the online environment. While the 2016 Cyber Security Strategy and the more recently announced International Cyber Engagement Strategy may aim to coordinate this policy intersection inside government, a coherent conception of cyber policy remains absent in broader public discourse and in parliamentary debates.[11]

The critical role of the Australian Signals Directorate

Legislation to establish the Australian Signals Directorate (ASD) as a statutory agency while remaining within the Defence portfolio will come into effect on 1 July 2018. The Defence Portfolio Budget Statements state that there are no budget measures relating to ASD.[12] But the ASD will adopt formal responsibility for the Australian Cyber Security Centre (ACSC) from the beginning of the 2018–19 financial year,[13] together with:

  • the Computer Emergency Response Team along with its cyber policy and security functions, which is being transferred from the Attorney-General’s Department[14]
  • the 24/7 cyber incident monitoring and response capability announced in the Mid-Year Economic and Fiscal Outlook 2017–18[15] and
  • the Cyber Security Unit, including its personnel, that formed inside the Digital Transformation Agency as a consequence of the Review of the Events Surrounding the 2016 eCensus.[16]

An independent review of the Australian National Audit Office’s cybersecurity arrangements points to ASD’s central role in promoting whole-of-government cyber resilience, underscoring the government sector’s reliance on ASD guidance for mitigation of cyber incidents and any response to a security incident.[17]

Cyber as a frontier for Parliament

The impact of cyberspace on parliamentary business is also contemplated in the Budget, and parliamentary interest in cyber affairs is apparent in the terms of reference for current committee inquiries.[18] Ongoing parliamentary business includes:

On 8 May 2018, the House of Representatives Standing Committee on Industry, Innovation, Science and Resources tabled the report, Internet Competition Inquiry, which considered the impact on local businesses in Australia of global internet-based competition.

[1].          J Bishop (Minister for Foreign Affairs), Keynote speech at the 2018 Safeguarding Australia National Security Annual Summit, Canberra, media release, 9 May 2018.

[2].          P Dutton (Minister for Home Affairs), Address to the National Press Club, Canberra, media release, 21 February 2018. The National Archives of Australia has also used this analogy in describing the basis for the digital continuity policy applicable to government records: D Fricker (Director-General, National Archives of Australia), Transcript of Senate Occasional Lecture: Government-citizen engagement in the digital, Parliament House, Canberra, 28 April 2017, Parliament of Australia website.

[3].          Australian Government, Portfolio additional estimates statements 2017–18: Home Affair’s Portfolio, p. 25; P Dutton (Minister for Home Affairs), Address to the National Press Club, Canberra, op. cit.

[4].          Australian Government, Portfolio budget statements 2018–19: budget related paper no. 1.10: Home Affairs portfolio, p. 40.

[5].          N Brangwin, ‘Cybersecurity’, Budget review 2016–17, Research paper series, 2015–16, Parliamentary Library, Canberra, 2016.

[6].          The movement of funding arising from the implementation of the 2017 Independent Intelligence Review and the establishment of the Home Affairs portfolio is largely detailed elsewhere, for example in relevant 2017–18 Portfolio Additional Estimates Statements and 2017–18 Portfolio Supplementary Additional Estimates Statements. For detail on the Review and its relevance to the 2018 Budget, see C Barker ‘National security overview’, Budget review 2018–19, Research paper series, 2017–18, Parliamentary Library, Canberra, 2018.

[7].          Australian Government, Budget measures: budget paper no. 2: 2018–19: ‘Assistance to Papua New Guinea for hosting APEC 2018’ (p. 101), ‘Promoting Australian expertise in international markets’ (p. 104), ‘Guaranteeing Medicare—modernising the health and aged care payments systems’ (pp. 110–11), ‘Australian Technology and Science Growth Plan—building Australia’s Artificial Intelligence capability to support business’ (p. 151).

[8].          A related development is the Government’s response to the Productivity Commission’s inquiry into Data Availability and Use. For more information, see N Horne and P Hamilton, ‘Data sharing and release’, Budget review 2018–19, Research paper series, 2017–18, Parliamentary Library, Canberra, 2018.

[9].          The establishment of the Australian Centre to Counter Child Exploitation is an example—although this facility has a focus on activity in the cyber domain, its remit will not be restricted to cyber exploitation: Budget measures: budget paper no. 2: 2018–19, pp. 127–28; P Dutton (Minister for Home Affairs), Australian Centre to Counter Child Exploitation, media release, 25 March 2018. Other examples include outcomes sought through the eSafety Commissioner: delivering ‘face-to-face presentations and new on line resources to empower front line workers to assist women experiencing technology-facilitated abuse’; continuing to register trainers who can provide information and training for the education sector, including ‘online safety training to pre-service teachers at university’; and training for school chaplains on cyber-bullying. See M Fifield (Minister for Communications and the Arts), Strengthening Australia’s connectivity, creativity and cultural heritage, media release, 8 May 2018; S Birmingham (Minister for Education and Training) and K Andrews (Minister for Vocational Education and Skills), Guaranteeing essential services—reform and investment for better education opportunities, media release, 8 May 2018.

[10].       Bishop, op. cit.

[11].       A third, related policy statement is the Digital Economy Strategy which, at the time of writing, has not been made public but is due for release by mid-2018: Australian Government, The digital economy: opening up the conversation, Department of Industry, Innovation and Science consultation paper, 2017, p. 7. For commentary on the relationship between the 2018 Budget announcements and policy intent, see Office of the Chief Economist, ‘Building digital highways’, Economic Insight, Department of Industry, Innovation and Science, 11 May 2018. For a list of the measures that relate to the $2.4 billion package, see J Hendry, ‘Govt earmarks $2.4bn for tech infrastructure’, itNews, 9 May 2018.

[12].       Australian Government, Portfolio budget statements 2018–19: budget related paper no. 1.4A: Defence Portfolio, p. 165. See also D Watt, ‘Defence overview’, Budget review 2018–19, Research paper series, 2017–18, Parliamentary Library, Canberra, 2018.

[13].       Portfolio budget statements 2018–19: budget related paper no. 1.4A: Defence Portfolio, op. cit., p. 163; M Payne (Minister for Defence), P Dutton (Minister for Home Affairs) and A Taylor (Minister for Law Enforcement and Cyber Security), Strengthening Australia’s cyber expertise, joint media release, 11 April 2018.

[14].       Explanatory Memorandum, Intelligence Services Amendment (Establishment of the Australian Signals Directorate) Bill 2018.

[15].       S Morrison (Treasurer) and M Cormann (Minister for Finance), Mid-year economic and fiscal outlook 2017–18, p. 175.

[16].       L Seeback (Chief Investment Advisory Office, Digital Transformation Agency), Evidence to Senate Finance and Public Administration References Committee, Inquiry into digital delivery of government services, 7 May 2018. Funding for a ‘Cyber Security Advisory Office’ inside the Digital Transformation Agency was announced in last year’s Budget: see C Barker, ‘National security overview’, Budget review 2017–18, Research paper series, 2016–17, Parliamentary Library, Canberra, 2017.

[17].       Australian National Audit Office, Review of cyber security: report by the Independent Auditor, Commonwealth of Australia, December 2017.

[18].       The Department of Parliamentary Services was allocated $9 million over four years to establish a Cyber Security Operations Centre for Parliament House: Budget measures: budget paper no. 2: 2018–19, p. 162.


All online articles accessed May 2018.

For copyright reasons some linked items are only available to members of Parliament.

© Commonwealth of Australia

Creative commons logo

Creative Commons

With the exception of the Commonwealth Coat of Arms, and to the extent that copyright subsists in a third party, this publication, its logo and front page design are licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Australia licence.

In essence, you are free to copy and communicate this work in its current form for all non-commercial purposes, as long as you attribute the work to the author and abide by the other licence terms. The work cannot be adapted or modified in any way. Content from this publication should be attributed in the following way: Author(s), Title of publication, Series Name and No, Publisher, Date.

To the extent that copyright subsists in third party quotes it remains with the original owner and permission may be required to reuse the material.

Inquiries regarding the licence and any use of the publication are welcome to

This work has been prepared to support the work of the Australian Parliament using information available at the time of production. The views expressed do not reflect an official position of the Parliamentary Library, nor do they constitute professional legal opinion.

Any concerns or complaints should be directed to the Parliamentary Librarian. Parliamentary Library staff are available to discuss the contents of publications with Senators and Members and their staff. To access this service, clients may contact the author or the Library‘s Central Enquiry Point for referral.