Queensland will dip into its $1 billion digital fund and try to make it easier for state and local agencies to buy security technology as part of a sweeping plan to harden the state’s cyber defences.
The measures are among a raft of initiatives outlined in the state’s cyber security strategy 2025-2027, which was released overnight.
A spokesperson for Queensland’s Minister for Customer Services and Open Data, Steve Minnikin, said that the government would pay for system updates that would improve cyber security out of the billion dollar digital fund. The state set aside an additional $40 million specifically for critical cyber security initiatives in its 2024-25 budget.
The state, which has higher than average rates of cyber crime relative to its population, also wants to make it easier for Queensland businesses to connect with cyber security suppliers.
It hopes to support the overall cyber security strategy with improved procurement guidance and tools with the aim of making its systems and supply chains more resilient to attacks.
Minnikin said that the strategy acknowledged the state’s increasing reliance on digital service delivery and the growing threat from cyber attackers.
The strategy paper also noted the growing threat of cyber terrorism, and findings by the Australian Signals Directorate this year that 28 percent of all cybercrimes reported nationally take place in Queensland.
“As Queensland undergoes greater internationalisation, we must redouble our efforts in forging partnerships with the Australian Government, industry, academia, local governments, small and family businesses and Queenslanders, in order to safeguard our services and information, prepare for and prevent cyber threats and sharpen our focus on our response and recovery capabilities,” Minnikin wrote in the paper's executive summary.
The strategy is intended to complement the federal government’s 2023-2030 Australian cyber security strategy.
In addition to procurement and spending measures, Queensland is hoping to address a yawning skills gap for cyber capability that impacts the state.
The state cited research that found Australia was wanting for 30,000 workers skilled in cyber security disciplines.
It said it would take steps to help agencies identify skills gaps in Queensland’s workforce and “create impactful opportunities and prioritise workforce diversity in order to bring new perspectives, capabilities and talent to bolster new and innovative approaches”.
Parts of the state’s new security posture bear a resemblance to that recently taken by Home Affairs.
Home Affairs recently told iTnews that it would streamline its whole-of-government security vetting procedures for Commonwealth technology suppliers, but said it expected them to be more diligent about cyber security.
It issued a new directive that will allow federal government suppliers to avoid going through duplicate risk assessments when selling into non-corporate Commonwealth entities.
However, Home Affairs deputy secretary Brendan Dowling said that the privilege would come at cost: security could no longer be considered a premium addition to purchases.
“What we say to industries is that we will make this process more efficient and easier to access for you, but we do expect you to prioritise security in your products and not at a premium, not as an afterthought, but as a core design feature of your products,” Dowling said.
“So yes, the risk assessment process will be easier, but you will also be set a really clear bar to meet in terms of security”.
.png&h=140&w=231&c=1&s=0)
.png&w=100&c=1&s=0)
Digital NSW 2025 Showcase
_(1).jpg&h=140&w=231&c=1&s=0)
