Australian Defence Force Cyber Security - What skills and strategic advisory support are needed?

By Chloe Villanueva  |  April 11, 2023

As Defence increasingly relies on innovative information and communication technologies, how do we enhance capabilities to fight and win in the digital age? This reliance comes with increased sophisticated cyber threats and regional military modernisation.

“98 per cent of initial intrusions could have been stopped with basic cyber hygiene.”

Apart from Government systems, media, IT, energy companies and think tanks were targeted in 2022. This data comes from insights from Microsoft Australia and New Zealand.

Defining Cyberspace in Defence

When determining the scope of cyber security, we need to define cyberspace.

Typically, we think of it as the global digital environment. But it also comprises partitioned and inter-dependent logical and hardware infrastructures, networks, systems, information and services. It is not an interdependent network and is not limited to just ICT (Information Communications Technology).

According to an article in United Service, cyberspace in Defence includes separately nested operational technologies or within traditional warfighting platforms, like ships, tanks and aircraft.

Most cyberspace today is software-based, virtualised and non-physical. But it resides in a physical hardware layer, which can still be targeted with firepower and lethal force.

The scope is vast and complex - the Australian Defence Force protects over 1,000 networks with 320,000 endpoints and devices.

The Defence Cyber Security Strategy

In August of last year, Assistant Minister for Defence and Assistant Minister for Veterans’ Affairs, Hon Matt Thistlethwaite launched the Defence Cyber Security Strategy.

The strategy includes details on how Defence intends to combat cyber threats. The plan consists of four priority action areas:

  1. Cyber Security Governance - Updating Defence’s cyber security governance to enable and empower its cyber security apparatus as a potent warfighting capability.

  2. Capability Management - Adapting a renewed approach informed by and responsive to cyber threats, delivering effective risk engagement and prioritisation of finite resources, and is supported by strategic partnerships.

  3. People - Recognising the level of competition for cyber security talent and that a cyber secure culture must be a part of the entire Defence ecosystem.

  4. Future-Ready - Focusing on research, development and investments in future cyber security capabilities to stay ahead of adversaries.

The Defence Force Cyber Security Strategy formed part of the 2022 Defence Information and Communications Technology Strategy considerations, including initiatives for digital skilling.

Skilling for cyber security in Defence

At the Games Career Expo last November 2022, Defence scientists formed a panel discussing using game techniques, technologies and innovation to help prepare Defence forces for future challenges. Part of this involves exploring gaming to train future cybersecurity talent.

When it comes to skills, the Australian Signals Directorate (ASD), formerly the Defence Signals Directorate (DSD) defines essential roles and capabilities in the Cyber Skills Framework:

  • Cyber Security Advice and Assessment

  • Cyber Threat Analyst

  • Incident Responder

  • Intrusion Analyst

  • Malware Analyst

  • Operations Coordinator

  • Penetration Tester

  • Vulnerability Assessor

  • Vulnerability Researcher

Enhancing Defence cyber security capabilities

Lumify People (formerly DDLS People) partners with Defence to solve problems, large and small. With 20 years of experience in logistics support, supply chain management, project management and learning and development.

Our expertise has been honed in dealing with some of Australia's largest organisations and institutions. We have an established record of delivering results with commitment and passion.

Lumify’s consultants are the day-to-day client contacts delivering consulting and project management to our valued clients. Consultants are highly experienced with an enviable skill set. Join our team; apply for any roles on our Careers page.

Through the overarching Lumify Group and our affiliate Lumify Work (formerly DDLS Training), we have been delivering the best ICT training programs to Defence . These programs focus on categories like Cybersecurity, Data Analytics & AI, Cloud Computing, IT Service Management and Project and Program Management. View our courses here or contact our team at [email protected].