How much is the Australian Government Spending on Cyber Security?

In a recent post, The Australian Cyber Risk Insouciance, I commented on an article from the Australian Financial Review (AFR), which reported that the Australian Government would not understand the cyber risks faced by the nation. They would not spend enough on cyber security to manage the risks adequately. They would then consequently expose the country to an unacceptable level of risk. The AFR article quoted some experts urging the Australian Government to spend more on cyber security. I concluded the post with 6 follow-on questions. The first question was “How much is the Australian Government currently spending on managing the nation cyber risk?”, which I have researched and report on below.

How much?

The Australian Government budget review for 2016–17, published in May 2016, provides the answer. It itemises the budget for Cybersecurity, which outlines the funding details for the cybersecurity initiatives identified in Australia’s cyber security strategy: enabling innovation, growth & prosperity (21 April 2016). The budget in question covers new initiatives, pre-existing initiatives and re-badged initiatives.

The overall Federal Government funding for Cyber Security includes 2 mains components:

  1. Australia’s Cyber Security Strategy (public domain & direct economy protection focus): $230M for 4 years.
  2. Defence cyber security program (more cyber-warfare focused): $300M-$400M for 10 years to improve Defence’s cybersecurity capabilities. Some details can be found in the 2016 Defence White Paper  (e.g. “include considerable new investment in strengthening the Defence cyber workforce, including new military and APS positions and training programs”).

While the actual expenditure is likely to vary year on year, an average would be $97.5M per year (with the upper range of the Defence component factored in).

In comparison, the Government is forecasting a total spending of $450.6Bn in 2016-2017 (source). Cyber Security spending is understandably a mere fraction of the total Government expenditure.

What for?

The breakdown for the Australia’s Cyber Security Strategy budget, for 4 years, is itemised in the Budget for Cybersecurity 2016-2017 and is summarised below:

  • $38.8 million for the ‘national cyber partnership’ (incl. Australian Cyber Security Centre relocation & funds to sponsor industry stakeholders’ engagement).
  • $136.1 million for improving cyber defences (incl. $15M for small businesses access to security testing, best practice development, etc.).
  • $6.7 million for ‘global responsibility and influence’ (incl. Australia’s new Cyber Ambassador international relationships).
  • $38 million for ‘growth and innovation’ (incl. Cyber Security Growth Centre and CSIRO contributions).
  • $10 million towards the ‘cyber smart nation’ initiative (incl. public awareness campaigns, establish Academic Centres of Cyber Security Excellence, etc.).

Aside of the 2016 Defence White Paper, I didn’t find any further details for the Defence component (perhaps expectedly).


One thought on “How much is the Australian Government Spending on Cyber Security?

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s