Australia considers cyber militia to tackle rising digital threats
With cyberattacks on the rise and a shortage of trained professionals, Australia is considering a volunteer ‘cyber militia’ to strengthen its defences. The proposal could expand national resilience but would require careful safeguards to manage legal and security risks.
Australia is weighing the creation of a volunteer ‘cyber militia’ to address a growing shortage of skilled professionals in the cybersecurity sector. The idea comes as the country faces an escalating wave of ransomware and industrial cyberattacks that threaten national defence and critical infrastructure.
Rising threats and skills gap
Cyberattacks are intensifying worldwide, and Australia now ranks fourth globally for threats against industrial and operational technologies. Mining, manufacturing, and energy companies have become regular targets, with many incidents linked to AI-powered hacking tools that are increasingly sophisticated.
The government’s 2023–2030 Cyber Security Strategy aims to build resilience through six so-called ‘cyber shields,’ which include updated legislation, intelligence sharing, and stronger defences for critical sectors. However, a shortage of trained cybersecurity workers continues to undermine these efforts, leaving smaller companies and rural networks especially vulnerable.
The cyber militia proposal
To fill these gaps, policymakers are exploring a model inspired by Estonia’s cyber defence unit, which brings together volunteers from outside traditional career paths. In Australia, the proposed cyber militia could include:
- Retired professionals with cybersecurity experience
- Hobbyist hackers with strong technical skills
- University students studying computer science or related fields
The volunteers would help with monitoring networks, identifying threats, and assisting in incident response when attacks occur.
Opportunities and risks
Supporters argue that such a militia could strengthen national resilience by mobilising untapped talent and creating a broader sense of shared responsibility for cybersecurity. It could also provide smaller firms and local communities with expertise they could not otherwise afford.
Critics, however, point to potential risks. Allowing volunteers to handle sensitive systems raises concerns about vetting, insider threats, liability, and proper training. New legal frameworks would be needed to define what volunteers can and cannot do, as well as who is responsible if something goes wrong.
What’s next
Pilot schemes have been suggested in high-risk sectors like energy and finance, where the impact of cyberattacks can be especially severe. Funding would likely come from both government and private industry.
Advocates say that if designed carefully, a cyber militia could not only boost Australia’s immediate defences but also serve as a model for democratising cybersecurity, fostering collaboration between government, industry, and ordinary citizens.
