"Australia’s cyber and information operations capabilities must be scaled up and optimised.
Under project REDSPICE, the Australian Signals Directorate is significantly expanding its signals intelligence and cyber capabilities and capacity.
Defence must enhance its cyber domain capabilities to deliver the required responsiveness and breadth of capability to support ADF operations. This must focus on: integrating the defence and management of Defence’s C4 networks and architectures; delivering a coherent and, where possible, centralised cyber domain capability development and management function; and building and sustaining a trained Defence cyber workforce."
"Defence must also continue to develop its cyber and space capabilities." page 7Good.
"To maximise the deterrence, denial and response options for the Government, the ADF must evolve into a genuine Integrated Force which harnesses effects across all five domains: maritime, land, air, space and cyber." page 19
"In the contemporary strategic era, we cannot rely on geography or warning time. Regional military modernisation, underpinned by economic development, has meant that more countries are able to project combat power across greater ranges in all five domains: maritime, land, air, space and cyber. Emerging and disruptive technologies are being rapidly translated into military capability." page 24
"Cyber warfare is not bound by geography." page 25So what are the implications of cyber war not being geographically bounded?
"Internal measures have included: increased defence and national security spending; the reorganisation of elements of the national intelligence and national security community; substantial investments in cyber security;" page 33In particular?
"Deterrence strategy and practice is evolving. In military terms it now spans five domains: maritime, land, air, space and cyber." page 37Is deterrence effective in the cyber domain?
"Although invasion of the Australian continent is a remote possibility, any adversary could seek to coerce Australia through cyber attacks ..." page 37
Could the attacks be made in a coordinated enough way to be useful for coerce? Under international law, Australia need not respond to cyber attack with a cyber attack, it can use missiles, bombs, and troops.For example, having backups."Resilience requires the ability to withstand, endure and recover from disruption. ... robust cyber security, data networks and space capabilities;" page 38
The strategy of denial must also recognise the importance of non-geographic security threats, including cyber, space and long-range missile capabilities." page 49
"The adoption of this approach will necessarily lead to a very different force structure and posture to what the ADF has today. More attention and resources must be devoted to crucial future-focused joint capabilities such as information warfare, cyber capabilities, electronic warfare, and guided weapons and explosive ordnance." page 51
How many cyber and information warfare troops does the ADF have? How many do they need? Will the ADF pay enough to retain them?
"The evolution to five domains – maritime, land, air, space and cyber – demands a new approach." page 54
"Defence’s cyber security arrangements should be enhanced in
close collaboration with the Australian Signals Directorate." page 83
"Defence’s cyber security operations capability in Chief
Information Officer Group should be increased and legacy systems and platforms should be decommissioned." page 83
"Options should be developed to change Defence’s recruitment framework to improve the eligibility pool of potential applications and to align service recruitment requirements to military employment, especially in key technical and specialist trades (cyber, engineering, space, etc.)." page 88
"The Government also notes that in the contemporary strategic environment, developments in cyber, space and long-range precision strike mean our defence interests are not bound by geography alone." page 103
"A comprehensive framework should be developed for managing operations in the cyber domain that is consistent with the other domains. Agreed"
"Defence’s cyber domain capabilities should be strengthened to deliver the required breadth of capability with appropriate responsiveness to support ADF operations. Agreed in-principle" page 106
"Options should be developed to change Defence’s recruitment framework to improve the eligibility pool of potential applications and to align service recruitment requirements to military employment, especially in key technical and specialist trades (cyber, engineering, space, etc.). Agreed" page 107
"Defence’s cyber security arrangements should be enhanced in close collaboration with the Australian Signals Directorate. Agreed" page 108