Growing rates of criminal and state-linked cyber actors have seen the nation prioritise its cyber defensive and offensive capabilities.
In particular, Australia has passed new legislation that could see the government install software on the systems of private businesses in response to cyber-attacks—while threatening any cyber actors with swift retaliation.
The taxpayer-funded program will provide a new National Certificate III in Information Technology (cyber security) qualification to help fill 7000 jobs by 2024 in an industry expected to generate $7.6 billion for the economy—all without the need to receive a university degree.
Coding education specialist Junior Engineers and job provider Asuria have partnered to run the program, which will involve placing participants with nationally recognised qualifications together with host employers.
“Thanks to the government’s range of employment programs, together, Asuria and Junior Engineers will be able to directly address the cyber security skills shortage, fast-tracking suitable candidates into ready and waiting roles, while giving Australians the opportunity to embark on exciting new careers by gaining skills that will last them a lifetime,” chief executive and chair of Asuria Con Kittos said.
The training program will pay students while providing real-world training and experience in cyber security risk management and incident response. First courses are expected to open in early 2022.
This comes amid growing concern that government capabilities may be insufficient in protecting the nation against cyber threats, particularly against critical infrastructure.
Rachel Noble, director-general of the Australian Signals Directorate, said a quarter of all cyberattacks on Australia had targeted energy, water, telecommunications, health services, and other key infrastructure. This included attempts from cyber actors to gather intelligence or implant bugs and malware capable of denying, degrading, or disrupting the vital services at their discretion.
Speaking alongside the head of the Australian Cyber Security Centre, former director of the United States National Security Agency, Keith Alexander, expressed concern that government capabilities are incapable of adequately defending some sectors.
“I think the biggest problem that I faced in government, and that we face today, is governments—not just ours, but yours as well—can’t see attacks on the private sector. Yet the government is responsible for defending the private sector,” Alexander said.
While some involve independent ransomware attackers, others have seen offensive action from state-based actors, such as the Russia-linked SolarWinds attack and the China-linked Microsoft email server attack.