Cybersecurity package

Budget Review 2022–23 Index

Stephen Fallon

The most notable budget measure concerning Defence is a significant investment in the Australian Signals Directorate (ASD, Australia’s signals intelligence agency), intended to expand the agency, boosting its offensive and defensive capabilities and recognising cyber as a key warfighting domain.

Announcing a project called REDSPICE, Budget measures: budget paper no. 2: 2022–23 states that the ‘Government will provide $9.9 billion over 10 years to 2030–31 to the Australian Signals Directorate (ASD) to deliver a Resilience, Effects, Defence, Space, Intelligence, Cyber and Enablers package (REDSPICE)’ (p.42).

Though the Budget documents do not detail specific REDSPICE projects, which will almost certainly be classified, they do note that this investment will double ASD’s size by adding 1,900 new positions over the coming decade, triple ASD’s offensive cyber capabilities and double its cyber hunt and response activities.

While it did not use the term REDSPICE, a 22 March 2022 media release by the Minister for Defence Peter Dutton highlighted that a new ASD facility at Majura Park in Canberra would expand ASD’s capabilities, drawing on the expertise of the Australian Defence Force, Australian Federal Police and other agencies.

The announced resourcing for REDSPICE is considerable, though Budget paper no. 2 highlights that funding for this measure will be mainly offset from funding taken from the Defence Integrated Investment Program. According to Budget paper no. 2 (p. 3), it appears that $588.7 million of new money will be invested in REDSPICE over the forward estimates, while an additional $3,619.9 million will be reassigned from existing funds. As the Australian Strategic Policy Institute’s Marcus Hellyer observes, ‘[o]ver 85% of ASD’s additional funding is coming out of … Defence’s capability acquisition program’, suggesting perhaps that the Government is reassigning existing resources to cyber rather than increasing the overall sum of money available. At least some of this funding has been reassigned from the cancelled purchase of an unmanned aerial vehicle system.

In a further expansion of Australian cyber capability, the creation of a multi-agency Cyber and Critical Technology Intelligence Centre led by the Office of National Intelligence (ONI) was announced by Prime Minister Scott Morrison on 28 March 2022. Perhaps due to its classified nature, few details about this centre are currently available and there does not seem to be any mention of it in the Budget papers, though Prime Minister Morrison suggested it will have a broad purview. The Prime Minister and Cabinet Portfolio budget statement notes that ‘ONI has no new Budget measures in the 2022–23 Budget’ (p. 283), suggesting the centre will be supported by existing funds.

The decision to expand ASD so significantly acknowledges that cybersecurity is integral to the defence of Australia. This includes not only defending Australia from cyberoperations conducted by sophisticated state actors, such as those which compromised the Australian parliament in 2019, but also from malicious activity by actors including cybercriminals seeking to extract ransoms and issue-motivated groups, such as the Anonymous collective and terrorist groups.

From an offensive perspective, cyberespionage is a crucial source of information about intelligence targets, and future conflicts will almost certainly increasingly see offensive cyberoperations integrated into conventional operations. Australia will be at a strategic disadvantage if it does not remain on the cutting edge of such developments.

However, as with any ambitious project, REDSPICE is likely to face some significant challenges. For example, doubling ASD’s size by adding almost 2,000 employees will likely prove difficult. As Australian Cyber Security Magazine observed in October 2021, the Australian cybersecurity industry is constrained by a severe shortage of workers. Indeed, a 2019 assessment by AustCyber, a non-profit supported by Australian Government funding, stated that there could be a shortage of 18,000 cybersecurity workers in Australia within the decade.

ASD will therefore be competing with private companies and other government agencies for the best candidates. Compounding this challenge is the fact that cybersecurity positions tend to be well-remunerated, meaning that ASD may struggle to attract the most desirable candidates who are also likely to be courted by companies able to offer lucrative salaries. If Treasurer Josh Frydenberg’s prediction that unemployment will fall and wages will rise as a result of the 2022 Budget is correct, ASD will likely face an increasingly competitive marketplace for talent. Similarly, retaining skilled personnel who can parlay their training and experience into lucrative private sector work may also be a challenge.

A final workforce challenge is that evidence suggests the majority of cybersecurity workers are working fully remotely or visiting the office sporadically, and that this workstyle coincides with record levels of job satisfaction. Due to security considerations, ASD is unlikely to be able to offer candidates the option of working from home, possible further challenging its ability to recruit skilled and sought-after candidates who may value flexible working conditions.

Once ASD identifies a suitably skilled candidate, that individual is required to undergo an invasive psychological assessment and security clearance process that may deter some potential applicants.

Assuming a candidate passes the psychological assessment, the security clearance process itself can be time consuming – William A Stoltz, a senior adviser at the Australian National University’s National Security College, has noted that processing high-level clearances can, in some cases, take years. And the Shadow Minister for Defence, Brendan O’Connor, has argued that the cyber skills shortage facing defence is exacerbated by ‘the massive backlog in security clearances that the government has allowed to develop’. The most sought-after candidates might blanche at waiting such a long time for a clearance with no guarantee that it will be granted, especially if they are made a lucrative offer of employment by a private sector company in the meantime.

In conclusion, this funding will no doubt be welcomed by ASD as it seeks to respond to a strategic environment it has described as deteriorating, and which is characterised by a rapidly developing technological landscape in which cyberspace plays an increasingly important role in warfare and national security. However, its ability to absorb this new investment and exploit it to its fullest potential will likely be challenged by workforce constraints.


All online articles accessed April 2022

For copyright reasons some linked items are only available to members of Parliament.

© Commonwealth of Australia

Creative commons logo

Creative Commons

With the exception of the Commonwealth Coat of Arms, and to the extent that copyright subsists in a third party, this publication, its logo and front page design are licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Australia licence.

In essence, you are free to copy and communicate this work in its current form for all non-commercial purposes, as long as you attribute the work to the author and abide by the other licence terms. The work cannot be adapted or modified in any way. Content from this publication should be attributed in the following way: Author(s), Title of publication, Series Name and No, Publisher, Date.

To the extent that copyright subsists in third party quotes it remains with the original owner and permission may be required to reuse the material.

Inquiries regarding the licence and any use of the publication are welcome to

This work has been prepared to support the work of the Australian Parliament using information available at the time of production. The views expressed do not reflect an official position of the Parliamentary Library, nor do they constitute professional legal opinion.

Any concerns or complaints should be directed to the Parliamentary Librarian. Parliamentary Library staff are available to discuss the contents of publications with Senators and Members and their staff. To access this service, clients may contact the author or the Library‘s Central Enquiry Point for referral.