Building cyber resilience in a volatile world

By
Follow google news

How federal agencies can navigate modern threats through strategic frameworks and partnerships.

Australia is one of the top five most targeted nations for cyber attacks, and federal agencies are on the frontlines of the digital battlefield.

Building cyber resilience in a volatile world

Geopolitical tensions in the Indo-Pacific have collided with a cybercrime economy so vast it rivals the world’s third-largest GDP. Espionage campaigns are probing critical infrastructure, AI-powered attacks are multiplying, and supply chains are being weaponised.

The scale of the challenge is staggering. In 2024 alone, FortiGuard Labs detected 3.1 trillion attack attempts, blocked 2.5 billion malware threats, and neutralised 42 million previously unknown variants. “That’s the reality agencies are up against,” said Steven Woodhouse, field chief information security officer, Australia and New Zealand, Fortinet. “The threat environment is moving at machine speed, and, unless government systems evolve just as quickly, they’ll always be a step behind.”

To counter this, the old playbook of patching systems and ticking compliance boxes is finished. Survival now depends on resilience and developing the ability to absorb hits, adapt fast, and keep operating under fire.

The government knows this. Its 2023–2030 Cyber Security Strategy, backed by $586.9 million in fresh funding and billions more in existing programs, is the clearest signal yet that cybersecurity is a matter of national endurance, not IT hygiene. The Protective Security Policy Framework (PSPF) has been toughened to mandate rigorous asset stocktakes, manage foreign influence risks, and enforce unified controls. Agencies can no longer afford silos or half-measures.

“Good enough” security simply isn’t good enough

More than half of Australian organisations have already been targeted with AI-driven threats, including malware that morphs in real time, phishing campaigns that outwit human intuition, and automated attacks that strike at machine speed. By 2027, cybercrime will cost the world nearly US$24 trillion.

The escalation of these threats means that there’s a countdown clock for federal systems that hold the data, infrastructure, and decision-making lifeblood of the nation. Supply chain attacks show just how fragile the ecosystem can be, given that when one link breaks, the shockwaves ripple across agencies and sectors.

That’s why the shift away from outmoded ideas of “prevention” by building walls around environments to a new kind of resilience is so stark. For example, zero trust is no longer optional; it’s the baseline. Verification must be constant, and assumptions about “safe” internal networks belong in the past.

Meanwhile, AI governance and quantum-resistant cryptography have jumped from academic conversations to immediate government standards. Institutional muscle is being flexed too. The National Office of Cyber Security has been set up as the coordination hub for major incidents. The Privacy Act now packs financial penalties that bite hard, with penalties of up to $50 million or a third of turnover for repeated failures.

Threat-sharing with the Australian Signals Directorate is also now mandatory. And through the Secure by Design initiative, procurement and development practices are being re-wired so security is baked into technology from day one. These moves change the ground rules. Agencies can’t just build taller walls; they must build smarter systems.

But frameworks and penalties alone don’t stop the onslaught. Agencies need resilient architectures that can see across sprawling attack surfaces, detect threats at scale, and respond instantly. “Unified visibility is crucial,” Steven Woodhouse said. “If you can’t see the threat surface, you can’t protect it. That’s where platform approaches make the difference.”

The shift to hybrid work only adds complexity. The perimeter is gone. Employees log in from secure offices, remote homes, and everywhere in between. Data moves across clouds, devices, and networks. Secure Access Service Edge (SASE) models are now essential, fusing networking and security in the cloud so agencies can maintain control no matter where their workforce operates. “Government teams need agility,” Steven Woodhouse said. “SASE makes it possible to enforce consistent policies and spot anomalies, even when staff are working from thousands of different locations.”

Local presence matters just as much as global reach. Australian agencies can’t rely solely on overseas providers who don’t grasp the nuance of our environment or our adversaries. They need partners with boots on the ground, who understand federal frameworks and can move fast when crises hit. Cybersecurity is ultimately most successful when it’s seen as a joint fight where government and industry stand shoulder to shoulder.

The transformation ahead is as much cultural as technical. Agencies must shift from being static defenders to dynamic operators, and need to be ready to adapt, recover, and press on even as attacks intensify. Cybersecurity is not just another line item in the IT budget, but rather the backbone of national resilience. The ability to keep delivering services, protect citizen trust, and safeguard critical infrastructure is now inseparable from how well agencies manage cyber risk.

Resilience is not built by chance. It’s built through strategy, investment, and relentless partnership. It means turning frameworks into live capability, leveraging industry expertise, and embedding a mindset that sees cyber not as a constraint but as a foundation for confidence and continuity.

Find out more about how Fortinet can help government agencies build cyber resilience.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
cyberthreatfederal governmentfortinetpartner contentsasestate of public sector tech report

Sponsored Whitepapers

Optus Enterprise Mobility
Optus Enterprise Mobility
Life After VMware: Scale Securely with mCloud by Micron21
Life After VMware: Scale Securely with mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
Cut Cloud Costs Without Compromise: Discover mCloud by Micron21
What 4 wholesale distribution challenges aren’t going away anytime soon?
What 4 wholesale distribution challenges aren’t going away anytime soon?
State of the SOC: Building Resilience in a Shifting Threat Landscape
State of the SOC: Building Resilience in a Shifting Threat Landscape

Events

Most Read Articles

Australian MSPs Are the Critical Players in Safe AI Adoption for SMEs

Australian MSPs Are the Critical Players in Safe AI Adoption for SMEs
AI is everywhere but who's accountable?

AI is everywhere but who's accountable?
You can't outsource risk, warns Brennan's cyber chief

You can't outsource risk, warns Brennan's cyber chief
The Hidden Cost of Security Misconfigurations in the Critical Infrastructure Industry

The Hidden Cost of Security Misconfigurations in the Critical Infrastructure Industry
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?