top of page
Strip Overlay_right only.png

News & Media

Developing Australia’s sovereign cyber capabilities

Cyber attacks are estimated to cost Australian businesses $29 billion a year, which is why it’s now more important than ever for Australia to develop sovereign cyber capabilities.

Cyber security is emerging as one of Australia’s most promising growth sectors and there are a number of businesses that have come up with innovative ideas, however it’s difficult for smaller companies, especially those who are new, to gain access to market opportunities. That’s because many government procurements are made through panel arrangements. This means it’s difficult for smaller companies to enter the market and they may need to sell through a larger prime, giving up 20% of their revenue, which could mean the difference between profitable and unprofitable work.

This article will discuss the following:

  • Market barriers for small Australian businesses

  • Cyber attacks accelerated due to COVID-19

  • Investing in local industry

  • The struggle to fill cyber security roles

  • Solving the skills gap problem

Market barriers for small Australian businesses

There are many small Australian businesses that have developed innovative cybersecurity products and services, but many aren’t getting the recognition they deserve or the support to grow. This is often due to a lack of established credibility and scale to win contracts with large industry or government agencies in Australia and abroad.

AustCyber launched a platform called GovPitch in 2017, which allows small businesses to present innovative cyber security ideas directly to public sector officials. This creates an alternative procurement pathway and provides more opportunities for Australian small businesses.

Cyber attacks accelerated due to COVID-19

COVID-19 has exacerbated the number of cyberattacks so businesses need to be on their guard. Many businesses have moved online quickly but may not have taken into consideration things such as malicious cyber attacks. This is an opportunity for the government to speak with industry people on what emerging technologies the government should focus on developing.

Investing in local industry

The uptick in cyberattacks demonstrates a need to build sovereign cyber capability and reduce our reliance on offshore technology providers. Investing in local businesses would not only improve Australia’s cyber security sector but create industry growth and keep jobs in Australia.

Australia should develop a culture and reputation for high ‘digital trust’, which gives us a competitive advantage in the global economy that would attract investment and drive growth.

Currently, there is no local company among the 15 largest software providers in the Australian market. The federal government announced this year that the Australian Signals Directorate would recruit 500 employees to build Australia’s offensive capabilities, but director of the International Cyber Policy Centre at the Australian Strategy Policy Institute Fergus Hanson said that the directorate would struggle to fill these roles due to lack of people with the required skills.

Struggle to fill cyber security roles

AustCyber’s Sector Competitiveness Plan 2019 showed that Australia is lacking in job-ready cyber security workers. It’s estimated that Australia will need around 16,000 more cyber security workers for technical and non-technical positions by 2026. Despite recent growth in Australia’s cyber workforce, there are a number of positions that remain unfilled because companies can’t find people with the right skillset.

For the time being, the cyber security sector will need to draw on workers with transferable skills from other industries, such as the broader IT sector.

Solving the skills gap problem

The cyber security skills shortage will remain in Australia unless employers start offering better pathways for staff to transition from other industries into cyber security roles. To develop stronger cyber defences, Australia needs to build a more diverse workforce with both technical and non-technical skills. For a long time there has been a huge gender imbalance in the cyber security field, and getting more women into this industry will allow it to grow and mature.


bottom of page