The Australian government’s ambitious 2023-2030 Cybersecurity Strategy has incurred costs of over $2.8 million so far, without any finalized strategy to show for it.
Responding to a question from Senator James Paterson during a senate estimates session in May, the Department of Home Affairs revealed that, in addition to staffing expenses, they had spent $2.8 million on the development of the cybersecurity strategy.
Leading the charge in the strategy’s development, KPMG emerged as the primary beneficiary, receiving close to $2.4 million. Their services included the creation of briefings, background content, stakeholder engagement and meeting minutes for industry discussions, as well as managing the overall project.
CyberCX, a key player in the cybersecurity industry, was paid $170,500 for their report analyzing approaches to global threat sharing and threat blocking. Meanwhile, Clyde and Co. provided specialist legal advice, earning just over $63,000.
The current government restarted the cybersecurity strategy development process in August 2022 and released a discussion paper in December of the same year to gather insights for the new strategy.
Although some submissions to the discussion paper have been individually published, the department has not yet made all submissions publicly available.
Regarding the expected cost of initiatives under the strategy, the Department of Home Affairs stated that they could not provide a breakdown as the strategy is yet to be reviewed and approved by the government.
