
Cyber security – vital for future industry growth
Cyber security has never been more important, both as an enabler for Australian industry and as a source of economic growth itself.
Vision for Australia’s Cyber Security Sector
A globally competitive Australian cyber security sector that enables Australian organisations to pursue digitally driven growth, and supports greater trust and confidence to participate in the international economy.
As an enabler for industry, cyber security’s importance is being driven by the global business environment becoming increasingly interconnected and reliant on data and digital technologies. As a result, organisations need to think of cyber security not just in terms of compliance and risk mitigation, but as an essential business function that is fully embedded in processes and systems.
And as a source of economic growth itself, Australia’s burgeoning cyber security industry has a unique opportunity to deliver services and solutions in a globally-competitive, export-facing industry.
This Roadmap primarily focuses on the first aspect: the role cyber security (as a horizontal sector) can play in enabling growth opportunities in other sectors. In particular, the report concentrates on the priority Australian sectors aligned with Australian Government’s Industry Growth Centres initiative.

At present, Australia’s cyber security sector is small; however, it is forecast to triple its revenue over the coming decade due to increased demand for cyber security products and services.
The majority of Australian organisations currently lack the capacity to employ large internal cyber security teams which, in turn, creates demand for external, often international cyber services.
AustCyber’s Cyber Security Sector Competitiveness Plan – a companion to this Roadmap – provides details about the cyber security industry and skills requirements that will allow the Australian sector to capture value from this increased demand.

Digital trends transforming industry
Digital transformation is providing numerous Australian industries with unparalleled opportunities for value creation.
These trends illustrate that digital technologies, connectivity and automation are having a profound impact on the way organisations operate. These trends are not discrete, and exert an influence on an evolving cyber security threat landscape, with diverse and unanticipated cyber security risks now affecting businesses, governments, and people.
Each trend creates cyber security implications for Australia’s industries, and will create opportunities for Australia’s cyber security sector.
![]() |
Increased data exchangeThe volume of data generated and exchanged between equipment, people and businesses is leading to meaningful insights that support disruptive business models and technologies. |
![]() |
Enhanced experiencesDigital technologies are allowing people to have increasingly personalised and enhanced experiences, which is leading to changes in human expectations and behaviours. |
![]() |
Globally connectedGlobal connection through the digital world is enabling trade, empowering people with access to information and novel products and services; and allowing seamless communication for improved social connections. |
![]() |
Transformed supply chainsDigital technologies are transforming supply chains, creating greater transparency, increasing efficiencies and blurring traditional boundaries. |
Delivering a cyber secure future
Australia’s small but well-developed market provides an exemplary testing ground for pilot programs to then be rolled out in larger economies.
Three themes have been developed via diverse industry consultation to understand how cyber security solutions can lead to more effective organisation and business operations, and improve Australia’s overall cyber security posture to take advantage of digital transformation. Industry can engage immediately, in the short and medium terms in these themes, which are: (1) trusted ecosystem, (2) secure by design, and (3) robust and resilient. The themes cut across sectors, and discuss how Australia can embed cyber secure behaviour by building trust, improving design processes and raising overall cyber-resilience.
These themes build on the goals established by AustCyber to: (1) grow an Australian cyber security ecosystem, (2) export Australia’s cyber security to the world and (3) make Australia the leading centre for cyber education.
As cyber security solutions move from being a post-development consideration to a design-phase consideration that is tightly integrated with the industry vertical, time to market will improve, as will the reputation of the products and services being developed in Australia.

Trusted ecosystem
Creating digital ecosystems that are highly trustworthy, allowing for rapid exchange of information and providing a stronger environment for trade.
Trusted partners
User-friendly and trusted sharing of information within supply chains, with third parties and with customers.
Threat intelligence sharing
Information about credible cyber security threats is shared within industry efficiently, allowing credible threats and risks to be quickly understood.
Collaborative demonstration projects
Demonstration projects illustrate how a trusted ecosystem may be established to create commercial value within Australia’s priority growth sectors.
Resources and guidelines
Best-practice guidelines and tailored cyber security assessment resources are available, customised to Australia’s various industries and adaptable to the unique circumstances of businesses.
Onshore capability
The judicious procurement of locally developed cyber security solutions is encouraged where available, helping to maintain a critical mass of onshore cyber capabilities.

Secure by design
Ensuring new products, services, platforms and processes are designed with cyber security as a key consideration.
Assurance of secure products
Guidelines establish a baseline for built-in cyber security in products and services that harmonises with international standards, allowing for improved exportability.
Secure by design skills in workplaces
Cyber security workplace skills are strong. Companies involved in the development and commercialisation of new technologies embed strong cyber security early in the design process.
Security embedded in ICT training
The gap between cyber security and ICT education is bridged by embedding more cyber security aspects into all tertiary information technology courses.
Research and industry collaboration
Australia’s cyber security sector and the research community collaborate to help Australian industry underpin innovation with strong cyber security.
Secure trade and supply chains
Contractual negotiations and trade agreements clearly integrate cyber security measures in the development phase, leading to much greater security across supply chains.

Robust and resilient
Building greater cyber maturity and resilience in Australian industry and communities by developing a robust security culture.
Awareness in the community
Community awareness about the importance of cyber security is strong, supported by a targeted, high-profile education campaign.
Workforce skills
Awareness of cyber security basics in the context of workplaces is strong throughout all levels of staff, with companies adopting appropriate risk based practices.
Frameworks for cyber security
New frameworks and improved governance enables more innovation, while ensuring cyber resilience is prioritised.
Strong leadership
Executive and Board level cyber security literacy and education initiatives are supported and well attended, leading to improved cyber security awareness within company leadership structures.
Australia’s reputation
Australia’s cyber security sector in collaboration with the priority sectors have built a national reputation for cyber security excellence across key cyber security pillars, leveraging strengths of the research community.
Universal cyber care
Technology solutions focused on helping to raise the general cyber security hygiene of the Australian public and businesses have been investigated and developed.
Actions for cyber secure growth
Realising the themes requires change via collaborative action, with the Australian cyber community working closely with businesses, research institutes, governments, industry associations and the Industry Growth Centres. Presented over immediate to medium-term timeframes, each action is aligned to one or more of the themes. Many of the immediate actions are already in process in cyber literate sectors such as finance and defence; however, further consideration is required in order for them to be implemented across broader Australian industry.
Trusted economy
Secure by design
Robust and resilient
|
Immediate |
Short Term (1-3 years) |
Medium Term (3 – 5 years) |
---|---|---|---|
![]() Guidelines and frameworks |
|
|
|
![]() Threat intelligence sharing |
|
|
|
![]() Skills and training |
![]() Improve cyber literacy in |
|
|
![]() Cyber security awareness |
|
Ongoing |
|
![]() Collaboration with Australia's growth industries |
|
|
|
![]() Improved cyber-physical systems |
|
|
|
For detailed information on actions, please see chapter 3 of the PDF.
Cyber security for Australian industry
To be truly effective, Australian industry and the cyber community must tailor the enabling themes and actions to each industry’s specific opportunities for growth, such as the examples given in the diagram below.
By unpacking growth opportunities presented within the themes in this report, Australian industry and the cyber security sector can both work towards the development of competitive offerings for local and international markets.
For Australia to be globally competitive, cyber security must underpin the data-driven transition of every sector in the economy.
Medical Technologies and Pharmaceuticals (MTP) |
![]() |
|
---|---|---|
Opportunity for growth | Company value creation | Cyber security challenges |
Diagnostic products and services Novel business and service models around the collection, interrogation, interpretation and packaging of medical and population data. |
|
|
Priority actions | ||
|
|
Mining Equipment, Technology and Services (METS) |
![]() |
|
---|---|---|
Opportunity for growth | Company value creation | Cyber security challenges |
Data driven mining decisions Using data throughout the mining lifecycle to optimise mining operations, reduce timeframes for making high value decisions and optimise response to market demands. |
|
|
Priority actions | ||
|
|
Advanced manufacturing |
![]() |
|
---|---|---|
Opportunity for growth | Company value creation | Cyber security challenges |
Customised high margin solutions Develop manufacturing services that integrate suppliers and customers to provide customised products that can generate higher margins. |
|
|
Priority actions | ||
|
|
Oil and gas |
![]() |
|
---|---|---|
Opportunity for growth | Company value creation | Cyber security challenges |
Digital operations and maintenance Transform operations and maintenance activities across onshore and offshore developments through integration and adoption of digital technologies. |
|
|
Priority actions | ||
|
|
Food and agribusiness |
![]() |
|
---|---|---|
Opportunity for growth | Company value creation | Cyber security challenges |
Premium interactions Export products that generate a premium price due to their quality and novel attributes, underpinned by the ability to provide accurate reporting on provenance. |
|
|
Priority actions | ||
|
|