Information and communications technology, encompassing digital services and infrastructure, cybersecurity and software, is ubiquitous throughout the economy and society. As the digital transformation gathers pace, the number and complexity of ICT services is accelerating.
The ubiquity of services in Australia is reflected in the divers federal ministerial responsibilities for policies and legislation setting the national direction of ICT—our cyber and digital security and the ongoing development of our digital economy, including technological advancement.
Consequently, our strategies, legislation, regulation and policy initiatives are being developed separately, with no overarching vision, resulting in point solutions and stove-piped policy development, implementation and governance.
This is happening as Australia is dealing with ongoing challenges associated with the pandemic and increasing geostrategic competition in our region, escalating our need for critical technologies and more robust cybersecurity. These challenges are prompting a renewed emphasis on national sovereignty, with the goal of greater national resilience and self-reliance.
Digital sovereignty means self-reliance where ICT, data and technology are concerned. Since ICT and technology fundamentally underpin every sector of our economy, it’s not possible to think seriously about national resilience without considering digital sovereignty.
As we plan for our post-pandemic economic recovery, it’s time Australia had an overarching strategy for ICT capability that aligns all relevant legislation, policy, governance, capability and priorities into an integrated national plan. This is the only way we can ensure Australia has a safe and prosperous digital economy and digital society, that is cyber secure, resilient to supply-chain challenges and contributes to a more prosperous and secure Indo-Pacific region.
We need this plan to address both social and economic threats, including cyberattacks, which are growing exponentially in number and seriousness, and opportunities that have the power to reshape our economy and society forever. These include the internet of things, quantum computing and 6G.
Australia needs to address the national need for a sovereign ICT capability from which a whole-of-government, whole-of-nation approach to these threats and opportunities can be formulated. It will require a thorough assessment of our current and future capability requirements, a process that can be delivered through a sovereign ICT capability framework that would enable Australia to adopt an integration-by-design approach.
A sovereign ICT capability framework would underpin the development and sustainability of Australia’s digital and cybersecurity future. It would create new and expanded opportunities for Australian companies to provide ICT solutions to Australia and to export them to our near neighbours.
That would, in turn, create sustainable ICT-focused employment pathways underpinned by a thriving local industry. This will allow Australia to deliver strategic capabilities by prioritising strategic requirements. National delivery plans could include:
- a cybersecurity capability plan addressing skills and capability needs throughout the economy
- a digital infrastructure plan addressing future requirements for data storage and processing, submarine cables, telecommunications poles and wires, and 6G plus all that it brings
- a sovereign data plan addressing necessary controls for various government and non-government data.
Recently announced policies and legislation, including the digital economy strategy and amendments to the Security of Critical Infrastructure Act 2018, need to interlink with plans for our digital infrastructure, cybersecurity capability and technology development, with these capabilities supported by the Australian people and the organisations that will deliver them.
This design approach would allow the nation to determine just what ICT capability it needs, and then decide what will be built and maintained onshore (on-shoring), what can be built and maintained in partnership with our allies (ally-shoring) and what needs to be obtained through global supply chains (offshoring).
This approach, which will optimise and grow the capabilities we already have in Australia through direct government procurement and via ally-shoring, is a ‘smart sovereignty’ approach as it assesses the degrees of sovereignty required to deliver and sustain the capabilities we need.
Everything from research and development to capability interoperability, skills development and raw materials to support ICT resilience would be captured under this framework, providing confidence to our ICT industry and to the nation.
Australia needs holistic management of eight essential elements for sovereign ICT capability: organisation, management, personnel, training, systems, facilities, supplies and support, and industry.
The need for an overarching framework linking these elements is compelling.
To deliver this, Australia should better utilise its governmental purchasing power to tighten ICT standards, regulations and procurement approaches. Doing so will facilitate and lift up ICT capability nationally. Australia’s sovereign ICT capability should be designed to improve national resilience and not be left solely to market forces, much less our alliances, new or old.
A dedicated minister for ICT capability (or cybersecurity) should be appointed with responsibility for building sovereign ICT capability. This should be a cabinet-level appointment to provide consistency of direction for national ICT capability and add weight to the message that sovereign ICT and cybersecurity are critical to our future economy and security. The minister could also bring together relevant domestic and foreign affairs aspects as the nation seeks a safe, secure and prosperous Australia, Indo-Pacific and world, enabled by cyberspace and critical technology.
Creation of a sovereign ICT capability framework would enable Australia to prioritise the strategic ICT capabilities we need, while building on the strong foundations we already have.