Australia’s federal government has launched “Horizon 2”, marking the second phase of Australia’s cyber security strategy and introducing a new programme of work for 2026–2028.
Tim Dillon, Regional Head of Delivery, APAC shares his thoughts:
"The Australian Government’s Horizon 2 Action Plan is a timely step forward in scaling cyber resilience across the whole economy at a point when the threat landscape is evolving rapidly. The continued commitment to partnership between government and industry is encouraging and aligns to our belief that cyber security is a team sport and improving resilience requires coordinated action across the public and private sectors.
On AI, the Action Plan takes a guidance-led path. Its AI-specific measures include:
- leading the Five Country Ministerial AI Working Group to identify the national security risks of AI;
- assessing whether existing crisis-management frameworks can respond to a major AI incident;
- building government visibility of AI incidents in critical infrastructure via the Trusted Information Sharing Network;
- staying ahead of future AI threats through the Australian AI Safety Institute, including setting cyber expectations for data centres and AI infrastructure under the National AI Plan;
- and helping Australians recognise AI-enabled cyber attacks through the Act Now. Stay Secure. campaign.
The AI specific measures are welcome and give organisations practical guidance, but it remains a set of building blocks. In our consultation response we called for proportionate, globally aligned AI regulation that embeds security and safety from the outset, mitigates risk and builds trust to allow Australia to benefit from the opportunities AI present. The case for a coherent statutory framework has only strengthened as AI becomes both a productivity driver and a fast-growing attack vector.
While there is more to do, Horizon 2 represents a credible and pragmatic evolution of Australia’s cyber strategy. Its success will depend on sustained delivery and continued collaboration as threats and technologies continue to evolve.”