Journal article

How Australia can catch up to U.S. cyber resilience by understanding that cyber survivability test and evaluation drives defense investment

Computer networks Cyber security Cyber intelligence Australian Defence Force Australia United States of America

The cyber threat to Australia’s Department of Defense (DoD) is not only information security, but includes preventing its platforms from being crippled. This threat is increasing and Australia is not keeping pace with its allies. Since 2009, the United States has used test and evaluation (T&E) policy and practice to inculcate the threat posed by cyber warfare into the development, acquisition, and fielding of all of its DoD platforms. As a result, U.S. defense chiefs understood early the operational vulnerability of their systems to cyber warfare, and of the necessity of designing more cyber-resilient systems. Australia has not required such cyber-security T&E and therefore may be blind to the operational vulnerabilities of its major platforms to cyber attack and is therefore likely to continue to underinvest in the cyber resilience of its capabilities. This article argues that the Australian DoD needs to urgently conduct operationally-focused cyber-survivability trials that leverage its alliance with the United States. In studying the growing divide in cyber security between these two close allies, this article’s contribution is concluding that representative cyber threats in operational T&E is a crucial first step for any country to gain understanding and appropriate investment in DoD cyber security.

Publication Details