Leading Australian cyber policy researchers are urging faster, broader reforms after the government acknowledged on 1 June 2025 the risk of a nationally catastrophic cyber emergency.
The researchers’ ideas for reform are laid out in a report to be released on 26 July by the Social Cyber Institute under the title, “Cyber Civil Preparedness and Resilience: Twin Strategic Imperatives”.
“Australian cyber emergency policy reform is moving at a fast pace with key government statements in June from the National Office of Cyber Security and the Chief of the Defence Force”, said report co-author Dr Gary Waters.
“The new category of nationally catastrophic cyber emergency now needs to be accompanied by detailed and comprehensive preparedness planning based on lessons from the inquiry into the Covid pandemic”.
“We would expect the government to produce in the near future further analysis of what these preparedness plans might look like”, said Professor Greg Austin, also a report co-author.
“They would need to include not only roadmaps for technical response inside cyber systems to the catastrophic incident but also action plans for consequence management in key economic sectors, delivery of essential services and mobilisation of the citizenry behind inevitably unpopular government decisions”.
Read more: NBN Co signs deal to deliver city-quality broadband via Low Earth Orbit satellites
Professor Glenn Withers AO, Director of the Social Cyber Institute, and one of Australia’s most eminent economists, said “It is time to recognise the economic impacts of national emergencies far more expertly in framing national emergency response. There is progress following the Bushfire and Flood disasters and Covid-19, but we now need also to see the government’s ‘economic toolkit’ for dealing with the extreme cyber emergencies increasingly confronting us.”
This paper outlines considerations to support Australia stakeholders in developing a new paradigm of extreme crises. The paper explains civil preparedness, the need for a national civil preparedness strategy, and associated but separate implementing frameworks for preparedness and resilience.
The analysis discusses critical infrastructure challenges and organisational resilience, as a distinct but entangled element of national preparedness.
The paper makes five recommendations: conducting a national assessment of civil preparedness and resilience, establishing a dedicated office of cyber threat intelligence focused on the economy and society, submitting triennial national assessments to Parliament, building a national cyber catastrophe readiness framework, and developing a new doctrine and legal authorities for a national civil preparedness program.
