The NSW government will establish a NSW Cyber Hub to grow the cyber security industry and create a pipeline for talent as part of the state’s new sector-wide 2021 cyber security strategy.
The strategy, released on Thursday, brings together for the first time the government’s cyber security ambitions for both industry and government, which were previously two separate strategies.
It has been developed over the past 12 months with input from over 85 organisations to serve the dual purpose of defending and protecting the economy, while underpinning its growth.
Much of the strategy is positioned to help grow the cyber security industry, including through the creation of a NSW Cyber Hub, which absorbs the functions of the NSW Cyber Security Innovation Node.
The hub is intended to act as a “front door for cyber industry support” and will offer a range of programs to connect the public, private and research sectors.
One such initiative is the Accelerator in Residence Program, which is “designed to attract new participants to NSW and build local innovation and scaling capability in technology and cyber”.
Digital and customer service minister Victor Dominello described the NSW Cyber Hub as the “intersection between government and industry to build up our inner core”.
“When you think cyber attacks, we all need to put our armour on, we all need the defences,” he said, launching the strategy at the Sydney Startup Hub on Thursday.
“But you also need the muscle to wear the armour, and to build and rebuild the armour, and that’s what this is about. It’s about resilience, it’s about building capacity, our inner strength.
“Because if we’re weak, the only thing we do is put up defence, but if we’re strong, we’re strong from the inner as well as the outer.”
The strategy also plans to “clarify minimum cyber security requirements” in government procurement, building on the work of the ICT and Digital Sovereign Procurement Taskforce.
Government
On the public sector front, the strategy formalises many of the commitments made by the government over the past year to increase NSW government cyber resiliency.
It reiterates the need for “ongoing investment and maintenance to sustain and improve our cyber security capabilities”, noting that “what is ‘good’ security today quickly fades”.
Focus areas include enhancing the capacity and capability of the state’s central cyber office, Cyber Security NSW, to ensure it is “proactive” and can assist smaller agencies and local council.
As revealed last year, the government plans to do this through a significant expansion of the office using around $60 million of the $240 million set aside for cyber security over the next three years.
The strategy also establishes “an audit assistance function for agencies reporting against the cyber security policy” that should go some way to improving two years of low maturity across government.
Another focus area is “targeted cluster cyber security uplift programs”, the likes of which are already taking place at NSW Police, and the Department of Communities and Justice.
Together they have scored $56 million over three years to secure their systems, while Service NSW has received $5 million to upgrade its defences in the wake of last year’s high-profile cyber attack.
The government is also planning to expand cyber security training and awareness program to local councils as part of the strategy.
Chief cyber security officer Tony Chapman told the launch of the strategy today that around 7000 public servants had already undergone cyber awareness training this financial year.
Skills
Another pillar of the strategy is centred on addressing “skills gaps and build a workforce capable of operating with fluidity”.
It plans to do this by further developing entry pathways such as the NSW cyber ambassador program, as well as further developing cyber security micro-learning programs.
The government also plans to use the NSW Cyber Hub to promote internships, traineeships and apprenticeships to further integrate industry-based learning opportunities into university and TAFE.
It will also pilot a “Cyber Checkme” initiative to “better link university undergraduates to field experience”.
