While you’re here… help us stay here.

As we confront the economic impacts of the pandemic, we need your support even more. So that we can continue to bring you the latest in policy and research, please donate to APO.

Briefing paper

In December 2016, RAND and the National Security College at The Australian National University partnered to facilitate a cyber security–focused 360º Discovery Exercise in Canberra.

Key findings

  • An interdisciplinary exercise generated three overarching policy recommendations to improve cyber security in Australia: Create and enforce technology security standards, craft international agreements to address cyber security challenges, and improve risk awareness to keep users safe online.

  • There was broad consensus that the policy domain will continue to struggle to keep pace with technological change. Therefore, ideas and solutions deemed most desirable allowed innovation to flourish while setting standards for security and creating mechanisms for responding to attacks.

  • Debate among exercise participants indicated an underlying tension between risk-based approaches and compliance-based interventions to improve cyber security.

  • The solutions identified are not immediately executable. Future exercises could consider their secondary and tertiary effects, and this type of analysis is essential before solutions can be implemented.

  • Future exercises could consider how policy development, including the Australian Government’s next Cyber Security Strategy, should challenge assumptions about government roles, responsibilities, and authorities and incentivise a broader range of government and non-governmental stakeholders to participate in building and implementing cyber security solutions

Publication Details
License type:
All Rights Reserved
Access Rights Type: