#NSBCS.024 - A Match of Bytes and Boundaries - Comparing the state of the Australian & UK Cyber Market

A Match of Bytes and Boundaries - Comparing the state of the Australian and UK Cyber Market

Australian and UK sporting rivalries date back centuries, full of seminal moments and bragging rights. From Peter Siddle’s Birthday Ashes hat-trick to Johnny Wilkinson’s World Cup-winning drop goal, a single sporting moment can define a generation. But how do the two countries match up in the world of information and cybersecurity? Read on for an overview of the comparative Australian and UK cybersecurity markets and what significance this has in the global context.

A Tale of Two Markets

As we mark a year since the implementation of Australia’s 2023-2030 Cyber Security Strategy, the cybersecurity market in Australia is projected to grow by 11.5% from last year’s figure to over $7.3 billion (Computer Weekly, March 19, 2024). The strategy prioritizes bolstering cybersecurity skills across various sectors, creating a pipeline of talent to tackle emerging threats.

In comparison, the UK's cybersecurity sector is estimated to be worth almost three times that of Australia, at $20.16 billion (Statista, 2023). The UK's National Cyber Strategy 2022 outlines the expansion of initiatives like the National Cyber Security Centre (NCSC), which provides rapid-response assistance. Over 6,000 businesses and public institutions have benefitted from the NCSC’s cybersecurity recommendations (NCSC Annual Review, 2023).

Cloud Adoption Trends

The adoption of cloud services shapes demand for specialised cybersecurity services, particularly in DevSecOps (Development, Security, and Operations) to secure cloud-based infrastructure. This is important for future-proofing businesses, and therefore nations, for increasingly cloud native technology, and the respective need for cyber security also.

This cloud adoption is more advanced in the UK, partly due to its denser tech landscape. About 45% of UK organisations use advanced cloud computing services like container orchestration and serverless architecture (Gov.uk, 2023), compared to about 31% in Australia (Accenture Cloud Report, 2023). Meanwhile, Australia’s cloud adoption is gaining momentum but still lags behind the UK. Nearly 70% of Australian organisations are in the early stages of cloud adoption or using hybrid models (Accenture Cloud Report, 2023). This gap highlights the need for more generalised cybersecurity strategies to cover both on-premises and cloud services, while also emphasising the fact that the demand for cybersecurity cloud offerings in Australia is set to boom.

Governance Structures

Underpinning each nation’s cybersecurity landscape is their unique governance frameworks. Australia’s Privacy Framework, including the Privacy Act 1988 and the Notifiable Data Breaches (NDB) scheme, govern data protection in the country. The country also recommends Essential Eight cybersecurity strategies developed by the Australian Signals Directorate as a guiding framework, helping in particular small businesses with their cyber uplift who may not have the resources or budgets of larger enterprises. In 2023, the Office of the Australian Information Commissioner (OAIC) reported a 26% increase in data breaches (OAIC Notifiable Data Breach Report, 2023), urging companies to focus on and invest in proactive security measures.

Comparatively, the UK’s cybersecurity market is heavily influenced by European Union regulations, such as the General Data Protection Regulation (GDPR). In 2023, the Information Commissioner’s Office (ICO) levied £12 million in fines for GDPR violations (ICO Annual Report, 2023), leading to increased cybersecurity investments.

Whether companies are investing in cybersecurity to proactively protect against financial losses associated with a successful cyber attack, or dodging fines from governing bodies for not being compliant, it is clear that heavy investment in information security is being made on both sides of the pond.

Industry Focus and Market Diversification

Australia’s market is geared toward government agencies, critical infrastructure, and resource-based industries. Cybersecurity threats to critical infrastructure are taken seriously, leading to tighter regulations like the Security of Critical Infrastructure Act 2018 (Australian Government). Resource-based industries are particularly prone to supply chain attacks, driving investments in endpoint and network security.

The UK’s cybersecurity market is more diversified, with a strong focus on financial services, healthcare, and tech sectors. The financial services sector alone invests over £1 billion annually in cybersecurity measures (HM Treasury Cyber Security Review, 2023), highlighting the severity of financial loss in the face of failed security measures.

Conclusion

In conclusion, both the UK and Australian cybersecurity markets are thriving. While Australia may lag in overall market size, its prevalence in technology and service-heavy economies is rapidly expanding. Overall, the primary distinction between the two regions lies in their governance structures. Yet, these differences translate across frameworks, with both adhering to internationally recognized standards like NIST (National Institute of Standards and Technology) and ISO (International Organization for Standardization).

Ultimately, the UK and Australian cybersecurity markets are poised for continued growth, propelled by the increasing prevalence of emerging cyber threats and the subsequent demand for protection. The rivalry between the two nations extends beyond sports into the digital realm, where both will continue to strengthen their cybersecurity defences in the global context. #NoStepsBackwards.

For information on NSB Cyber’s Cyber Governance capabilities or to book a meeting with our team, click here.

References
1. Computer Weekly (March 19, 2024): Explore insights and industry news related to cybersecurity trends and strategies at Computer Weekly.
2. Australian Cyber Security Magazine: For an overview of Australia's cybersecurity market and strategy, check out the Australian Cyber Security Magazine.
3. 2023-2030 Cyber Security Strategy: Learn about Australia's comprehensive cybersecurity framework at ISACA.
4. Statista 2023: Statistical data on the UK cybersecurity sector, including its valuation and trends, is available through Statista.
5. gov.uk (UK Cloud Adoption Report): The official UK cybersecurity sectoral analysis provides valuable insights into market size, trends, and employment in cybersecurity Gov UK.
6. OAIC Notifiable Data Breach Report 2023: The Office of the Australian Information Commissioner (OAIC) publishes detailed annual reports on notifiable data breaches, highlighting significant data trends and security issues.
7. ICO Annual Report 2023: The UK's Information Commissioner's Office (ICO) annual report contains crucial details about the GDPR fines levied in 2023.
8. HM Treasury Cyber Security Review 2023: HM Treasury reviews cybersecurity measures in the financial sector and their investments to improve data security. See more at NCSC Annual Review 2023.
9. CrowdStrike Gov Threat Summit (March 19, 2024): Access keynotes and workshops from the Gov Threat Summit on-demand here via CrowdStrike website.
10. NCSC Cloud Security Collection: For comprehensive guidance on secure cloud adoption, visit the UK's National Cyber Security Centre collection.