The ADF’s Information Warfare Division needs more staff and a clear framework
Posted By
Thomas Paterson
on December 20, 2018 @ 12:30
As China and Russia stepped up their offensive cyber capabilities, Australia responded in the 2016 defence white paper by
investing $400 million in improving its ability to protect its own systems and to respond to attacks.
That included
creating an Information Warfare Division in the Australian Defence Force with
responsibility for both offensive and defensive cyber activities. The goal was to make the ADF, and the Department of Defence more broadly, an integral part of the nation’s cybersecurity
capability.
The increased focus on cybersecurity was
timely given Moscow’s escalating use of cyber tools for online influence operations and China’s open ambitions to become a ‘cyber superpower’. Last month’s revelation that hackers accessed the computer systems of Australian defence shipbuilder
Austal underscores the need for the government to further increase Australia’s cyber capability—not just to harden public institutions against attacks, but to encourage and enable the private sector to do
likewise.
Australia’s cyber defences can only be as good as the people employed to set them up and operate them. If the Information Warfare Division is going to generate an effective offensive and defensive cyber capability, it needs to attract skilled and intelligent young workers. Unfortunately, there’s already a
shortage of cyber professionals in Australia and it will be difficult for the division to get the new talent it needs.
The division had 100 staff when it was
launched in July 2017. In 2018, 49 Defence personnel
graduated from the inaugural ‘Accelerated Defensive Cyber Training’ course, which the
ADF plans to run again in 2019 and 2020. Unless it increases cohort sizes or runs more than one course a year, Defence won’t be able to generate the 900 staff that the division has
aimed to recruit by 2027.
In fact, the division needs more than 900. A standing force of that size requires a
supply pool of around 3,000 trained personnel to allow for leave, reassignment to other posts and turnover.
The
announcement that Elbit Systems of Australia has been awarded a three-year contract to provide further cyber training to the ADF will go some way towards helping qualify the required number of operators. The 49 graduates of the accelerated training course will be the first personnel to use the new cyber training range.
Defence must ensure that high-ranking ADF members in command positions are also receiving cyber education and training so that they’re well
equipped to effectively lead on cyber issues.
The cyber
threats to Australia are only going to
increase. Because the Information Warfare Division will be
expected to contribute offensive cyber capabilities to the battlespace, the ADF will need to have a comprehensive policy and legislative framework governing the employment of offensive cyber in operations. The division needs clear direction and an actionable policy to be able to
translate the government’s strategic intent into operational and tactical success.
If a clear policy framework isn’t developed that
outlines how the ADF is to do this, there’s a risk that money and capability won’t be used effectively.
Thomas Paterson is a master’s candidate at the Strategic and Defence Studies Centre at the Australian National University and was an ANU research intern at ASPI in 2018. Image courtesy of the Department of Defence.
Article printed from The Strategist: https://www.aspistrategist.org.au
URL to article: https://www.aspistrategist.org.au/the-adfs-information-warfare-division-needs-more-staff-and-a-clear-framework/
[1] investing $400 million: https://www.minister.defence.gov.au/minister/marise-payne/media-releases/prime-minister-minister-defence-and-minister-assisting-prime
[2] creating: https://www.aspistrategist.org.au/enhancing-australias-cyber-security-posture/
[3] responsibility for: https://www.aspistrategist.org.au/australias-offensive-cyber-capability/
[4] capability: https://www.pmc.gov.au/sites/default/files/publications/australias-cyber-security-strategy.pdf
[5] timely: https://www.aspistrategist.org.au/australias-international-cyber-engagement-strategy-consequences-in-cyberspace/
[6] Austal: https://www.abc.net.au/news/2018-11-13/iranian-hackers-suspected-in-austal-cyber-breach/10489310
[7] likewise: https://www.aspi.org.au/report/identity-nation
[8] shortage: https://www.computerworld.com.au/article/650122/400-million-cost-australia-cyber-security-skills-shortage/
[9] launched: https://www.computerworld.com.au/article/621324/defence-launches-information-warfare-division/
[10] graduated: https://www.computerworld.com.au/article/646184/government-funds-cyber-training-range-adf/
[11] ADF plans: http://www.contactairlandandsea.com/2018/02/08/adfs-new-offensive-mission-cyber-warfare/
[12] aimed: https://theconversation.com/cyber-revolution-in-australian-defence-force-demands-rethink-of-staff-training-and-policy-80317
[13] supply pool: http://theconversation.com/cyber-revolution-in-australian-defence-force-demands-rethink-of-staff-training-and-policy-80317
[14] equipped: http://www.defence.gov.au/ADC/ADFJ/Documents/issue_204/ADFJournal204_Bridging_the_gap.pdf
[15] threats: https://www.afr.com/news/special-reports/afr-focus-defence/local-defence-cyber-capabilities-growing-but-so-are-the-threats-20180618-h11j2f
[16] increase: https://techwireasia.com/2018/11/understanding-the-state-of-australias-cybersecurity-efforts/
[17] expected: https://www.aspi.org.au/report/australias-offensive-cyber-capability
[18] translate: http://www.defence.gov.au/ADC/ADFJ/Documents/issue_200/Thompson_Nov_2016.pdf