Industry Advisory Committee established to guide implementation of cyber security strategy

By Shannon Jenkins

Tuesday October 20, 2020


An advisory body tasked with helping the federal government improve cyber security across the public and private sectors has held its first virtual meeting on Tuesday, more than two months after the government released its pivotal cyber security strategy.

The Industry Advisory Committee has been appointed for a two-year term to guide implementation of the 2020 Cyber Security Strategy. Telstra chief executive Andrew Penn has been named as chair, and is joined by NBN Co chief security officer Darren Kane, AUCloud chair Cathie Reid, Cyber Security Cooperative Research Centre CEO Rachael Falk, Northrop Grumman Australia chief executive Chris Deeble, FibreSense chair Bevan Slattery, PricewaterhouseCoopers Australia’s Corinne Best, NAB’s Patrick Wright, University of Western Australia Public Policy Institute advisory board chair Professor Stephen Smith, and Macquarie Telecom Group​ CEO David Tudehope.

The formation of the committee follows the establishment of the 2020 Cyber Security Strategy Industry Advisory Panel in November, which was charged with providing strategic advice and guidance on the development of the strategy.

Its membership included Penn as chair, along with Kane, Deeble, Vocus group chair Robert Mansfield, Tesla board chair Robyn Denholm, and former US secretary of Homeland Security Kirstjen Nielsen.

The panel released its final report in July, containing 60 recommendations to government.

Read more: Ex US secretary of homeland security to help develop Australia’s new cyber security strategy

Penn said Australia has been “quite literally under constant cyber-attack” from cyber-criminals, cyber-activists and — to use Scott Morrison’s words — “sophisticated” state actors. To tackle this, Australia’s cyber defences must be “strong, adaptive and built around a strategic framework that is coordinated, integrated and capable”, Penn said.

The cyber security strategy includes proposed national security laws which would allow federal government agencies to obtain information from “critical infrastructure” entities if the information is deemed to be in the national interest. Such entities could come from a range of sectors, including banking, finance, communications, data, defence industry, education, research, innovation, energy, food, grocery, health, space, transport, and water.

Under the laws, entities that have been classified as “systems of national significance” may be forced to provide their information to the government.

Home Affairs minister Peter Dutton has said the new committee would ensure industry plays a key role in shaping the delivery of actions set out in the strategy.

Read more: Proposed national security laws grant agencies stronger powers to protect critical infrastructure from cyber attacks


About the author
Inline Feedbacks
View all comments