PM Transcripts

Transcripts from the Prime Ministers of Australia

Turnbull, Malcolm

Period of Service: 15/09/2015 - 24/08/2018
Release Date:
22/04/2016
Release Type:
Transcript
Transcript ID:
40310
Location:
Australian Technology Park, Sydney
Doorstop with Treasurer and Minister for Industry, Innovation & Science

PRIME MINISTER:

Very good. Well now, cyber security. This cyber security strategy sets us up for a much more secure future online, which is absolutely critical to Australia continuing to enjoy the benefits of the 21st century economy. So this is a matter of national security. But it is also, as I said in my speech, an opportunity for Australian innovation. There are a lot of jobs in this, a lot of exports in this. Cyber security is a huge global industry and we have some of the best researchers, some of the best developers in the world and this strategy will ensure that they have greater access to markets both here and abroad. The Treasurer is here, as is the Minister for Innovation. Treasurer, the financial services sector of course is one of the prime targets of malicious actors in the cyber sphere. So I will ask you to say a few words and then I’ll invite Christopher to add to them.

TREASURER:

Thank you. Well thank you Prime Minister and I commend you and of course Minister Pyne for this incredible initiative. At the end of the day it's all about jobs and growth. This Government is investing - whether it's in our defence industries, in our national security or indeed with this initiative on cyber security. - to not only just address the national security issues that are around this, but is also investing in a smart way that drives jobs and growth by supporting our high tech industries.

And so that is what this is about, particularly from an economic point of view and I think this plan goes another step forward to ensuring that we have the jobs of the 21st Century.

MINISTER PYNE:

Thank you very much, Scott. Cyber security is one of our key research capabilities, but we haven't tapped into the commercialisation of that key research capability. $75 billion is spent every year on cyber security around the world. We would like to get part of that economy and so today I'm very pleased to have reannounced the Cyber Security Industry Growth Centre but also the chairs of that, Doug Elix and Adrian Turner and the first two nodes are in Sydney and in Melbourne. We are making sure they are industry-led because we want to make sure that turn our research into commercialisation, which means jobs and growth in Australia. Thank you.

PRIME MINISTER:

Thank you. Now do you have any questions on cyber?

JOURNALIST:

Prime Minister, you made a couple of significant points in the speech today, one mentioning the offensive cyber capabilities; I guess that’s a revelation. But also pointing out some of the departments, government departments that have been hacked. Why this move to a more open method in an area that’s traditionally quite secretive? And also if I can just ask – you mentioned that it costs the nation $17 billion a year, is $230 million enough?

PRIME MINISTER:

Yeah well the, you can be, as far as the money is concerned, we are committing the funds we believe are necessary to achieve the objectives I described in my speech. As far being open about the breaches of security at government agencies, at the Bureau of Meteorology and the Department of Parliamentary Services, we call on the private sector to be open about data breaches and to be open with Government, to be open with the Privacy Commissioner, to be open with our cyber emergency response framework. It's very important that we have a more open culture in this area and we have got to lead by example. Because it’s only when people acknowledge there has been a breach that we can actually learn from it and everyone can learn from it. You know, often this is because of a flaw in - perhaps a flaw in the software system that is widely used. And so the more that we understand about what has happened in one place, enables us to protect the others.

JOURNALIST:

Prime Minister, how much will it cost to repair the Bureau of Meteorology's hack?

PRIME MINISTER:

I can't give you an estimate on that. But the process is well underway and my advice is that it is now secure.

JOURNALIST:

We heard you used the figure of $400 million is that the ballpark?

PRIME MINISTER:

Well I can't comment on that.

JOURNALIST:

You have spoken about openness and transparency.

PRIME MINISTER:

You asked me for the cost of the remediation, I don't have that figure with me, so I can’t provide it to you.

JOURNALIST:

Can you confirm it came from China?

PRIME MINISTER:

No I won’t, I don't, have anything further to add to it than what I've said today.

JOURNALIST:

Prime Minister on the offensive capability that you have talked about, I take it this is not a new thing. Without giving examples, perhaps, how often has that sort of thing been used in the past by Australians and in the Government framework around that, are there any legislative changes that need to be made to oversight that?

PRIME MINISTER:

No as I said in my speech, the offensive capability that is possessed by the Australian Signals Directorate will only be used in circumstances which in conformity with our laws and indeed the international laws and accepted norms applying to that kind of conduct. But it is important to know, for Australians to know, that we have considerable capabilities in this field, very considerable capabilities.

JOURNALIST:

Prime Minister could you describe what one of the scenarios might be that might trigger one of these offensive attacks?

PRIME MINISTER:

I will - I've made it very clear that we have considerable offensive capabilities but I'm not going to go into any more detail than that. But so that - I'm sorry, I will disappoint you in that regard.

JOURNALIST:

Would the legal frameworks and norms stop you from launching them against foreign governments?

PRIME MINISTER:

Again the framework that we have that applies to our cyber capabilities are the same that apply to the rest of the tools that are at our disposal in terms of our defence capabilities. So this is a - these are capabilities that are able to be deployed in defence of Australia and the point that we are being very open about is, that we do have very considerable capabilities in this regard. We don't go into a detailed description of them. Naturally, you wouldn't expect me to. But other nations, other like-minded nations have made disclosures, have disclosed what many people of course understood, that they do have offensive capabilities, including, of course, our very close allies in the United States and the United Kingdom.

JOURNALIST:

Have foreign governments tried to infiltrate Australian Government departments or organisations that you are aware of?

PRIME MINISTER:

You should assume that efforts are made by foreign actors, both governmental and non-governmental to penetrate Australian government agencies. That is, you have seen - we acknowledged two today. But if you talk to, perhaps if you talk to the banks, for example, you will find that they are grappling with thousands of attempted hacks all the time. This is a very active area it's one where we have to be very focused on and extremely alert. One of the greatest allies of the hacker is complacency. One of the points that I discussed in the business roundtable earlier, of course, was what I call warm ware. We talk about vulnerabilities in software and so forth and you know and the ability of somebody to insert malware in an attachment that people foolishly open when it arrives in an email, but also a lot of cyber breaches are the result of an inside job. You know Snowden being probably the most celebrated one. But one of the things that organisations, whether they are governmental or private have to be very alert to is who has administrative privileges? Who are the administrators? How much do you know about them? How are those privileges shared? And also, it's very important too, for employees to understand that the standards of cyber security or cyber hygiene as I described it in my speech that they apply at work also should be applied when they are using the internet privately. That is another vector that people can use to access organisations that would otherwise be quite secure.

JOURNALIST:

Prime Minister in many cases, though, private organisations that get breached or get hacked don't report it for embarrassment to brand damage. Is there any move to make it mandatory requirement they do report it either centrally or through industry?

PRIME MINISTER:

We are leading by example there. I think K-Mart is much to be commended as I did in fact commend them for acknowledging the breach they suffered. Look everybody is vulnerable to this and the truth is that the more open we are, the more we share information about breaches and experiences, and that is why we are establishing the Cyber Security Centre or beefing it up, beefing up the engagement with business, that's why we are moving it out of the ASIO building as we described earlier so it is a more accessible environment, all of that will enable us to learn a lot more. If we work together, business, individuals, consumers if you like, households, and governments, if we share more and if the telcos share more too, then as we learn more about the vulnerabilities and the vectors which malicious actors use, then we become more secure and we all learn from each other.

JOURNALIST:

You are not imposing a regulatory...[Interrupted]

PRIME MINISTER:

The other thing, I wanted to say something about the banks. So we dealt with cyber. Perhaps I should do this and then I will ask the Treasurer to say something too. Now this morning, the Treasurer and the Assistant Treasurer and I called in the leaders of the banks to discuss their response to the call to action that I made on the 6 April. You may recall I addressed a big event of Westpac's and I reminded the banks that there had been too many failures in terms of the way in which they treated their customers and there had to be changes to ensure that customers’ complaints were dealt with more promptly and dealt with effectively and generously and that there had to be, above all, a change, a demonstrated change in the culture of banks. I reminded them that banks are based on trust and that they are businesses unlike any other. They have a great support from the public and the Government during challenging times for them. And they needed to recognise that their business was based on trust and therefore in their culture, the customer had to be at the absolute heart of everything and they had to go further than simply talking about that, they had to ensure that every promotion, every bonus, every recognition of their employees took into account the conformity with that culture. In other words, making money could not be the only criterion for advancement. You had to ensure, that people who worked for the banks, and there are hundreds of thousands of them, understood that that customer-centred culture was at the heart of their work and their prospects for advancement.

Now there are hundreds of thousands of people literally working for our banks, and they are good hard-working Australians who do a great job. There have been some failures, we acknowledge that, and we recognise that, and we are concerned, very concerned about the grief and the loss that individuals have suffered who have been done wrong, if you like, where banks have let them down. What we want to ensure is that there is action that they get recompense, and that people who have problems with their banks and their financial advisers can get real action and real recompense now.

So what we've done is brought the banks in, and they have presented us with their changes that they are implementing today, and the Treasurer will speak a little bit about them, they have confirmed their strong support for the changes to ASIC that the Treasurer announced yesterday, and they have confirmed they will not be passing on the costs, the additional costs, they will have to bear to support the extra investment in ASIC, they won't pass them on to the public, and the Treasurer will again raise that.

We are putting action first. We are putting real, decisive action to ensure that the corporate regulator, with all of its powers, has the resources to do its job better, and that the banks change their ways to make sure that they treat their customers better. What Mr Shorten has proposed, as you know, is a royal commission. That would take many years, that would compensate nobody and the only financial rewards, or the only financial benefits arising out of that royal commission, would be given to the legal profession. What he has proposed is lawyers first. We are putting customers first. I ask the Treasurer to speak to that.

TREASURER:

Well thank you Prime Minister. I'm pleased after the discussions we held with banks and the points we made yesterday, that each of the four major banks have confirmed to me that they will not be passing on those charges that we spoke of yesterday. The banks will pay an extra $120 million to ensure that we have a tough cop on the beat in ASIC and we implement the capability review that we initiated in July of last year. And we have taken that review, its outcomes its recommendations, we have worked those through. It has come through our Cabinet and Budget process over many months to arrive at the position we were at yesterday.

As the Prime Minister said, this represents tangible action. The deals with the needs of a more focused ASIC that deals with the needs of increased powers for ASIC and increased resources for ASIC which has more than the powers of a royal commission to deal with these issues. Now the banks have made some announcements today that picks up on some of the things we have been clear about, and that includes with the Financial Services Ombudsman to review those thresholds to ensure that more people can have their case presented, that more people can have their cases resolved.

Remember under the Financial Services Ombudsman, when a matter is determined in that mediation, the banks are bound by their own commitment to honour those outcomes. And so that is a very welcome initiative which they have outlined today. The other initiatives that deal with commissions, that deal with whistle-blower support, that deal with support for the user payers model that were put forward and the changes more broadly to the complaints-handling processes, these are all things that take the agenda forward.

As the Prime Minister said, there is a very clear contrast here. There is the action that we have proposed that seeks to provide remedy and provide support and provide ventilation and a way for people's individual cases to be determined.

40310