When the landmark trilateral security agreement, AUKUS was announced in 2021, ‘Pillar I’ - the delivery of a nuclear-powered attack submarine capability to Australia - dominated both local and international news.
But what about Pillar II?
This lesser-known part of AUKUS, has far reaching potential impacts, especially as it relates to the cyber security of our nation.
So much so, that whether you’re a plumber, a logistics manager, or a lawyer - to be part of any supply chain related to the defence industry in Australia, you’re going to have to meet Federal cyber security obligations.
Pillar II is as complex as its subject matter, encompassing not just cyber capabilities but also artificial intelligence, quantum technologies, information sharing and more.
The good news is that AUKUS and its many and varied implications and opportunities will be front and centre at the upcoming CyberWest Summit on May 15th and 16th by CyberWest Hub.
As Richard Baker, President of AIDN, says “AUKUS is an amazing milestone in Australia’s history, representing an evolutionary leap that will benefit all Australians for generations. What we are doing as a nation in scale and capacity is building an entire industry and capability from scratch. It’s breathtaking and something we will all be proud of in years to come.”
What is Pillar II and why is it important for businesses in Australia?
Pillar II of AUKUS has the potential to be transformative for Australia’s defence sector.
When stripped down to its impact on Australian organisations, Pillar II will improve the cyber hygiene of every business participating in a defence contract, at every point of the supply chain.
That means cyber security, is no longer an optional process for businesses, it’s a basic requirement.
This idea forms the thesis of the CyberWest Summit, which is being billed as ‘the cyber conference for people who aren’t in cyber security’ as it seeks to demystify the legislation, requirements and opportunities around cyber in the defence and other key sectors in WA.
Cecily Rawlinson, Director of CyberWest Hub speaking at CyberWest Summit
What does being cyber secure look like in a defence context in 2023?
There are several pathways and priorities to consider if your business intends to stay competitive in a defence context by placing cyber security at the fore.
There are two key programs to be aware of: DISP and CMMC.
The Defence Industry Security Program (DISP) is a tiered membership program open to Australian businesses looking to become part of the Defence supply chain.
With both a personnel and digital component, for most organisations, it’s the digital that brings challenges. Key considerations include supply chain risk management and adherence to the top 4 strategies from the Australian Signals Directorate, known as the "Essential 8"
In the US, the approximate equivalent of DISP is the Cybersecurity Maturity Model Certification (CMMC). As AUKUS progresses, and more American companies make their way to Henderson, there may be new CMMC requirements imposed on Australian companies at some level.
Although the Defence Industry Vendor Qualification Program is still to be finalised, it will enable Australian companies to have access to AUKUS partner markets. This will shine an international spotlight on Australian Defence Supply Chain SME’s for the first time.
Adam Bennett, CEO of Red Piranha says, “to maintain an in-country defence capability across cutting edge technology, we must give our brightest the chance to grow within an ecosystem that fosters this individual development. And that’s exactly what the CyberWest Summit does - and why it’s so important”.
Taking the first steps towards cyber hygiene - practical tips from a cyber security expert
Sudesh Ranasinghe, Director of Perth cyber security consultancy Lokusec, is bullish on the opportunities that cyber can provide to businesses of all shapes and sizes.
“These certifications set you apart when you bid for work - especially when you bid for work with the primes in Defence. It allows them to trust you with greater sensitivity - but how you demonstrate that competence is important”, says Mr Ranasinghe.
Principal of Altrium Security, Aaron Doggett, has more than 20 years of experience in the cyber sector and similarly posits that “there are a growing number of opportunities for Western Australian firms – large and small - in delivering into the Defence supply chain.”
On the CyberWest Summit he says “it provides a great opportunity for those in industry wanting to understand relevant cybersecurity challenges, and gain good insights and directions on how to address them from trusted, local providers”.
CyberWest Summit 2023: Exhibition Hall
The CyberWest Summit is a key conduit for understanding AUKUS from a WA perspective
CyberWest Summit on 15 and 16 May 2024, is all about providing jargon-free, hands-on cyber education and up-skilling tailored for all business leaders, not just those with a technology background.
With a focus on businesses sitting within critical infrastructure supply chains and government agencies, this is one of the few places such topics will be openly discussed, making them immediate and invaluable cyber insights for the WA market.
Final release tickets available, book now: https://www.cyberwestsummit.com.au/