Australia needs a cybersecurity curriculum agenda

The increasing digitalisation of the Australian economy promises exponential economic growth opportunities and societal advances for our nation, with the development of internet-based technologies dramatically enhancing the way we live, work, play and learn.

Our nation must transition from the ‘Digital Economy’ to an ‘Economy that is Digitally (ICT) Empowered and Cyber Enabled’. Through investment in the nbn and partnerships with telecommunications and ISP providers, Australians will be provided with ubiquitous communications at the citizen, household and business levels, and for all levels of government.

As our connectedness increases, the development and implementation of an updated cybersecurity strategy and execution plan is crucial, to maximise the value of the investment in the internet to the Australian economy and its citizens. In fact, it must be a top 5 priority.

As a contributor to the Prime Minister & Cabinet’s National Cybersecurity Review, Cisco advocated education and training as a critical element in this strategy, including the development of a national curriculum, ranging from primary schools to the boardroom.

Securing our cyber assets

Cyber-insecurity is a blatant tax on economic growth, especially as digital attacks continuously outpace defences through increasing deftness and sophistication. Our nation’s dependence on the internet and growing dependence on the digitally powered economy means that the erosion of trust and confidence poses a serious risk to digital enablement; one that has the potential to transform our future.

Cybercrime also reduces investment and innovation, which can extend to a ‘loss of trust’ between nations, harming Australian businesses at a local and international level by reducing foreign investment and competitiveness.

Globally, national losses from cybersecurity incidents are estimated to be as high as 1% of GDP, which for Australia amounts to a possible $17 billion per year. The G20 economies are estimated to have lost over 2.5 million jobs to counterfeiting and privacy.

These figures demonstrate the undeniable importance of establishing cybersecurity as a key element of our national security strategy.

Education and training

Today’s students are the individuals we will trust with managing the digital security of tomorrow. This means we must ensure they understand the importance of cybersecurity and have the opportunity to be comprehensively trained. Australia’s potential as a data safe haven will not be possible without adept or qualified professionals.

An immediate demand for experts already exists. In 2014, Cisco’s Annual Security Report highlighted a global shortage of approximately one million cybersecurity professionals, and growing.

Considering Australia’s strong higher education sector, we have an extraordinary opportunity to export a new cyber education and training curriculum and cement our status as a base for developing skilled personnel for the global market.

To develop the skills Australia requires, prioritising the establishment of a ‘national cybersecurity curriculum engine’ is crucial. Included within this must be a program that outlines necessary skills and is easily integrated in education, hiring and training practices.

The federal government must provide leadership in incentivising a national cybersecurity curriculum and learning path, through a partnership with higher education bodies and the private sector, to encourage the creation of cybersecurity education programs at primary, secondary and tertiary (both TAFE and university) levels.

Education and training should focus on upskilling the workforce of today, creating the workforce of tomorrow and accelerating the growth of knowledge and interest from primary school onwards. Cybersecurity should be integrated into traditional and non-traditional courses, including formal and vocational education courses (as not every individual needs a degree), to ensure both a base-level awareness of cybersecurity is instilled in all Australians and to develop the highly skilled specialists we need to protect our nation.

Creating a critical mass

Australia has often fallen short in driving innovation due to our failure to create the critical mass required to be globally relevant. Although we are significant exporters of courses and training within engineering, law and business faculties, we have not matched this with the development of expertise in digital innovation, cybersecurity and traditional STEM subjects. Our incentive schemes drive competition and single-minded approaches, where failure is rarely tolerated, rather than collaboration that will drive cybersecurity progression.

Despite growing investment in incubators and start-ups, their fractured nature and lack of connection to higher-order opportunities has resulted in our innovation system stalling. Australia is a nation made up of SMEs, with over 99% of businesses in this space; however, many of them fit within the ‘small’ to ‘very small’ category because we have failed to sufficiently innovate and grow them into medium and large companies.

In response to this, entities such as The Australian Cybersecurity Research Institute (ACSRI) — consisting of Cisco, the Australian Crime Commission, the Australian Computer Emergency Response Team, the Australian National University, Edith Cowan University and Deakin University — are executing a project to develop an additional 40 PhD cybersecurity students by 2025. Partnerships such as these will be crucial to creating a critical mass to drive learning and innovation in the cybersecurity space.

And important appointments, such as that of Dr Larry Marshall, a Silicon Valley veteran, to the position of CEO of CSIRO, will be important in encouraging Australia’s major science institution to think about ‘inventing’ again.

Promoting collaboration

The alarming shortage of skills and decreasing numbers of students entering STEM courses is demonstrative of the need to address learning pathways, which should start from early education.

A key component of opening will be empowering girls to study STEM subjects, as early as primary school, to create and maximise a potential pipeline. We must provide ongoing encouragement and facilitate growth opportunities for women in IT and cybersecurity, including board-level opportunities.

Our challenge now is to think big, be bold and be blatantly ambitious. If we are going to maximise the opportunities available to drive Australia’s growth and elevate our place on the world stage, then education and training are fundamental. It will require a coordinated and mutually invested partnership between government, higher education and the private sector.

Such a program may sound overly ambitious; however, if the necessary skills and awareness of the importance of cybersecurity and digital enablement can be instilled in all Australians, including our business and government leaders, then we will be taking huge steps towards becoming one of the world’s first cyber-secure nations, with economic and innovation opportunities the reward.

Image credit: ©Nmedia/Dollar Photo Club