In this Security Edge panel, experts examined Australia’s cyber strategy and what’s needed to reach 2030 targets.

Jason Murrell – Chair and Co-Founder of the Australian Cyber Network, Kylie Watson – Head of Cyber Security at DXC Technology, and Catherine Rowe – Global CISO, previously QBE Insurance, joined the panel to explore Australia’s cyber security strategy: its goals, current momentum and the barriers still slowing progress towards 2030.

While the strategy provides a strong framework, the panel highlighted a lack of transparency and measurable reporting, which makes it difficult for the industry to assess effectiveness and stay engaged.

Catherine highlights her frustration with the absence of a central repository to track progress, while Jason emphasises the need for clear, government-driven updates to ensure greater industry engagement and accountability.

Kylie and Jason dive deeper into the funding allocated to cyber security efforts, pointing out the stark contrast between Australia’s commitment and that of global peers.

While Australia’s investment per capita is far below that of countries like the UK, US and Singapore, there is also concern that the country has become increasingly vulnerable to cyber threats.

ADAPT Survey data supports this.

While 70% of CIOs are now actively investing in generative AI—up from 50% in August 2023—spending still represents only around 4% of overall IT budgets (compared to 13% for cyber security).

Kylie notes that Australia is now the fourth most attacked nation, a significant rise since the government announced increased investments in cyber security.

This increased threat is accompanied by a lack of metrics and clear reporting, which frustrates many within the cyber security sector.

The discussion also touches on the escalating risks to critical infrastructure and small businesses, which are increasingly targeted by cyber attacks.

Catherine expresses concern about the rising vulnerability of these sectors, particularly given the geopolitical tensions that could exacerbate the risks.

Both Kylie and Jason stress the need for the government to address these threats more urgently, noting the potential national consequences of inaction, especially for small and medium enterprises that make up a significant portion of the Australian economy.

 

Key takeaways:

  • Lack of transparency and progress tracking: There is a significant gap in how Australia is measuring and reporting progress on its cyber security strategy, making it difficult for the industry to assess effectiveness and stay engaged.
  • Underfunding compared to global peers: Australia’s investment in cyber security is significantly lower per capita than other countries like the US, UK and Singapore, putting the nation at greater risk despite increased attack rates.
  • Rising threats to critical infrastructure and small businesses: The increasing frequency of attacks on critical infrastructure and small businesses highlights a growing vulnerability, with potential severe consequences for Australia’s economy and security.
Contributors
Jason Murrell Renowned Cyber Security Advocate and Consultant
With over 20 years of experience in start-ups and the broader technology industry, I am a renowned advocate for cyber security in... More

With over 20 years of experience in start-ups and the broader technology industry, I am a renowned advocate for cyber security in Australia. My journey has been marked by fostering collaboration and propelling the growth of Australia’s cyber security industry.

Key Achievements:

  • Developed strategic initiatives and partnerships that fuel innovation in collaboration with start-ups, industry leaders, government agencies and academia.
  • Recognised thought leader, sharing insights on entrepreneurship, cyber security and public-private sector collaboration.
  • Featured in reputable media outlets, amplifying the significance of cyber security in today’s digital landscape.

I am committed to driving innovation and resilience in the field, leveraging my expertise to align strategies with industry needs and address evolving cyber threats. My role at AustCyber involved close collaboration with various stakeholders to develop strategic initiatives and forge partnerships that fuel innovation.

Less
Kylie Watson CISO at DXC Technology
Kylie Watson is an experienced executive in the Information Technology Infrastructure, Apps, and Services Industry. Driven by a strong client focus, she... More

Kylie Watson is an experienced executive in the Information Technology Infrastructure, Apps, and Services Industry. Driven by a strong client focus, she supports large-scale business and technical transformation, leveraging her expertise in change management and behavioural economics. Kylie excels in leading large sales and delivery teams across multiple disciplines and regions, driving the adoption and embrace of new technologies. She is adept at growing capabilities and skills to meet market demand across Australia, New Zealand, and Asia, and at building partnerships and alliances to solve client challenges.

Kylie has extensive experience working across all industries and is well-connected with key C-suite stakeholders in federal, state, and local government, as well as in retail, mining, oil and gas, utilities, distribution, health, and financial services. She has a proven track record of driving cultural change and embracing diversity and inclusion, earning awards in coaching, mentoring, and innovation.

With over 25 years of executive leadership experience in technology and consulting, spanning multiple industries, international geographies, and platforms, Kylie is well-versed in Google, AWS, IBM Cloud, and Azure. Her solution experience and qualifications include cybersecurity, data, AI, cloud, and change management. Additionally, she is an AI ethicist with some quantum computing capability.

Kylie is also a media spokesperson, keynote speaker, and author on technology topics, and serves as an advisor to universities and government agencies on cyber, technology research, and education.

Less
Catherine Rowe Global CISO, Previously at QBE Insurance
Catherine is an accomplished senior executive with extensive expertise in cyber security, risk management, technology, law, and governance. She has a proven track... More

Catherine is an accomplished senior executive with extensive expertise in cyber security, risk management, technology, law, and governance. She has a proven track record of leading cyber security operations and transformation initiatives, specialising in protecting businesses from evolving cyber threats and implementing effective risk management strategies.

As a trusted advisor to senior leaders, Catherine works closely with executives, boards and regulators to drive strong customer and business risk outcomes.

Most recently, she served as the Global CISO for QBE Insurance Group. Prior to that, she held senior leadership roles in the finance industry, where she led the delivery and transformation of enterprise-wide critical cyber security controls, as well as programs of work to uplift non-financial risk governance across board and senior executive teams.

Catherine began her career as a lawyer, spending 15 years in both private practice and in-house roles, advising major corporations and government entities on technology, cyber security, outsourcing and compliance.

Her unique blend of legal, technical, and strategic expertise positions her as a dynamic and influential leader in the ever-evolving cyber security landscape.

Less
security transformation compliance