Dr Thompson believes cybersecurity needs to be reprioritized in the national psyche.
Macquarie Telecom Group has announced the appointment of former head of the Australian Defense Force’s Information Warfare Division, Major General (retired) Marcus Thompson AM PhD, as senior advisor within the company’s newly established federal government advisory board.
Dr Thompson joins Macquarie following a 34-year career in the Australian Defense Force, during which he was Defense’s inaugural Head of the Information Warfare Division (IWD), which coincided with Defense recognizing cyber as a battlefield domain for the first time.
Under Dr Thompson’s leadership the IWD defended Australia’s military assets and information from foreign cyberattacks, and the country’s defense cyber capabilities grew into a world class counter offensive cyberforce.
Speaking on his appointment, Dr Thompson said the decision to join Macquarie was fuelled by a desire to champion three causes close to his heart: prioritizing Australia’s national cybersecurity defense; moving Australia’s digital supply chain onshore to protect Australia’s sovereign information; and building Australia’s sovereign cyber capability to better support its cyberdefenses, stimulating national economic growth in the process.
“Macquarie shares my view that cybersecurity needs to transform from a fleeting thought in the national psyche to an issue that is front and center with the private sector, government and the population at large. In my previous role I’ve seen firsthand just how important cybersecurity is to every aspect of our society,” Dr Thompson said.
“The government’s Cybersecurity Strategy 2020 was a step in the right direction. It has put greater maturity into conversations about cybersecurity. Australia needs board members and executive teams to develop their expertise in cybersecurity further, and to cement cyber as a central business operational risk – one that’s mission critical to corporate planning.”
The appointment of Dr Thompson comes just weeks after then Home Affairs Minister and newly appointed Defense Minister Peter Dutton highlighted how cyberattacks against Australian businesses are on the rise. In March the Australian Federal Police also labelled 2021 the year of the cyber-criminal, and the Australian Security Intelligence Organization (ASIO) shared its prediction that espionage by nation-state hackers will surpass terrorism as the biggest threat to Australian security by 2025.
Evidence of regional tensions seeping into the online world has formed the basis of Dr Thompson’s rallying cry, that all levels of Australia’s digital supply chain can and should be resident in Australia.
“The fact remains that most of the time we don’t know where our data is stored or who can access it. Much less the laws to which the companies storing and accessing it are subject,” he said.
“The risk this poses to our cybersecurity and data protection are very real. It necessitates the use of digital supply chain providers that are majority Australian owned and operated and subject to sovereign controls.”
Beyond the threat posed by nation-state hackers, Dr Thompson said Australia should prioritize local technology, cloud and cybersecurity providers to cultivate local industry, create jobs and capability that will drive economic recovery following the COVID-19 pandemic, uplifting Australia’s national cybersecurity posture in the process.
“The government is doing this with defense industry through major procurement of land and naval platforms. It should do the same in cyber where we are already served by local industry capability that is world-class,” he said.
Macquarie Telecom Group CEO David Tudehope welcomed the appointment. He said: “Marcus embodies what we value most – maximizing Australia’s sovereign skills and capabilities, and keeping Australian data stored and protected onshore. Collectively, we need to amplify the voices of experts like Marcus who have dedicated their careers to protecting Australia’s people and our way of life.”
Dr Thompson’s appointment follows the launch of Macquarie Telecom Group’s IC5 government-certified data center in Canberra, which supported more than 400 jobs in the ACT throughout 2020.
We asked Dr Thompson further questions about his opinions on protecting Australia’s cybersecurity.
Why is it so important to move Australia’s digital supply chain onshore to protect the country’s sovereign information?
Across Australian society and indeed across the developed world, our lives are increasingly digitized. This means all our personal information needs to be stored and secured somewhere, and if this is in an offshore data center, questions need to be asked about who has access to it and under whose national laws it is subject.
Increased tensions with China, a constant flow of fake news, frequent references to cyberattacks conducted by sophisticated state actors and public announcements on foreign espionage have placed sovereignty front-and-center in the Australian psyche. With so much going on, do we really want ambiguity around where our information is stored, and the digital infrastructure it is connected to?
A sovereign supply chain is the logical solution. Not only will this reduce risk, it will also increase Australia’s digital capability and create jobs to kickstart our economic recovery following the recession brought about by the COVID-19 pandemic.
Can you explain how better cybersecurity can stimulate the national economy?
Put simply, a strong cybersecurity defense must be a national priority given the current threat environment. This will create jobs in an industry that has a lot of room to grow; and will save businesses the excessive costs of recovery following a cyberattack, enabling further investment in areas of growth.
To my first point, I believe a greater emphasis should be placed on cultivating a sovereign cybersecurity industry. There is currently a cybersecurity skills shortage in Australia. Last year the federal government’s Australian Cybersecurity Growth Network, AustCyber, reported that between October 2019 and September 2020, there were 4500 openings for IT security specialists but only 4100 positions were filled.
There are some fabulous cyber companies in the market right now, that are either wholly or majority Australian owned. If public and private organizations prioritize partnerships with these local companies, it will allow them to grow and attract talent into the sector through educational programs.
To my second point, better cybersecurity will reduce the amount of cyberattacks that occur and the damage that results from the attacks that get through. Once these hackers are in deep enough, they can seriously prevent organizations from conducting business – costing them lots of money. Better cybersecurity will reduce the wasted costs businesses need to spend when attacks occur.
How can you ensure that cybersecurity transforms from a ‘fleeting thought in the national psyche to an issue that is front and center’ with the private sector, government and the population at large?
By joining Macquarie Telecom Group’s federal government advisory board, I will increase the strength and frequency of cybersecurity conversations with government. Our new Home Affairs Minister, Karen Andrews, has listed cybersecurity among her top portfolio priorities, so it will be interesting to see how this plays out in the coming months.
Unfortunately, cyberattacks launched against Australian entities are increasing and diversifying. Recently, the Nine Network, which runs one of the highest rating television channels in Australia, was hacked causing a major disruption to its live broadcast.
Further, in April, healthcare provider UnitingCare Queensland was the victim of a cyberattack, which took its hospitals and aged care facilities offline. These shocking incidents were widely reported, bringing the real-life implications of cybercrime into the national psyche.
It’s unfortunate that it takes stories like these for people to sit up and pay attention to the very real threat of cybercrime. It is my hope that we can now go on the front foot and prioritize Australia’s cyberdefense so that our people, information and critical infrastructure are kept safe.
Is the threat posed by nation-state hackers getting worse? If so, is there anything that can be done about it?
Evidence points towards the threat by nation-state hackers increasing. On top of the warnings by ASIO, and the proliferation of cyberattacks launched against our government and businesses, regional tensions between Australia and other nations are increasing in the offline world. It is not difficult to imagine this tension seeping into the online world, with attacks all too possible when our information is stored in foreign-owned or foreign-controlled facilities.
What we need to do is bring our sovereign information home and store it in secure data centers; educate board members about the real threat of cybercrime, letting them know that a solid cybersecurity strategy is not just a ‘nice-to-have’ but an essential business requirement; and cultivate local cloud, technology and cybersecurity industries so we are less reliant on foreign entities.
Click below to share this article