
Australia and India are set to be more prescriptive and streamlined in their joint cyber initiatives, through a new partnership launched last week.
On 9 July, the two countries unveiled the Partnership on Cyber, Critical Technologies and Supply Chains (PACTS), which will streamline cyber dialogues and working groups to remove duplication. Replacing the 2020 framework, PACTS aims to counter cybercrime, deter malicious cyber activities and ultimately bolster cyber trade and capacity building. It will also establish practical workshops and a cyber skill incubator hub. The partnership is intended to be more prescriptive than its predecessor, with clearer announcements.
PACTS is India’s latest security tech partnership, following the TRUST initiative with the United States and the Technology Security Initiative with Britain. It promises top-level synergy with Australia to deliver outcomes.
Firstly, PACTS aims to consolidate and rationalise the bilateral mechanism in cybersecurity, removing duplication across working groups and dialogues. Since 2014, there have been five rounds of cyber policy dialogues led by India’s External Affairs Ministry (MEA) and Australia’s Department of Foreign Trade (DFAT), as well as the 2022 India-Australia Foreign Ministers’ Cyber Framework Dialogue. The countries have also held two joint working groups since 2020, one on information and communications technology and the other on cybersecurity cooperation.
Under PACTS, cyber dialogues and working groups will still be led by MEA and DFAT but overseen by the deputy national security adviser of the National Security Council Secretariat (NSCS) in India and the deputy secretary of the International and Security Group within the Department of Prime Minister and Cabinet (PM&C) in Australia. They will provide strategic oversight and hold annual review meetings to track progress.
India’s NSCS is well positioned to oversee this partnership, following the 2024 Allocation of Business Rules amendment which made it responsible for overall coordination and strategic direction in cybersecurity. Australia’s PM&C is also well versed in coordination, supporting the prime minister across national security briefs including cybersecurity. The new mechanism under the NSCS and PM&C can consolidate dialogues and working groups to improve agility and coordination in cyber issues.
Secondly, through this mechanism and oversight, PACTS may seamlessly embed cybersecurity into the partnership’s four other pillars: supply chain resilience and diversification, critical technology, digital resilience and defence research collaboration. It will enhance cybersecurity in bilateral supply chains involving critical technologies. Joint practical experience and knowledge sharing can inform other areas such as AI, biotech, critical minerals, aerospace and defence, and digital public infrastructure. For example, Australia’s Department of Industry, Science and Resources could work with India’s National Critical Minerals Mission and share cybersecurity expertise such as its 2025 information toolkit to protect critical mineral supply from foreign cyber interference through structured information and reporting procedures.
Thirdly, PACTS aims to expand current practices and policy-centric cooperation to develop joint cyber capabilities and capacities. While the existing Australia-India Cyber and Critical Technology Partnership grant supports projects that enhance shared understanding of standards and ethical frameworks, it lacks support for joint development of cybersecurity products and capabilities involving industries and research institutions.
This expansion is necessary given a rise in cyberattacks on both Australia and India by state-sponsored and non-state actors targeting electricity grids, transportation and the biotechnology sector. There have been instances of state-backed cyber espionage and intellectual-property theft targeting industries in both countries, including India’s biotech, aerospace and defence sectors.
Ultimately, PACTS aims to ‘enhance trade and investment between Australian and Indian businesses on cybersecurity and tech ventures’. For capacity building, the new cyber tech skill incubator hub can fund initiatives for training cyber practitioners to deal with sophisticated threats. In addition, a bilateral cyber challenge grant program could be created to encourage joint product investment and development for government procurement and commercial sale in both countries. Such a program could deepen research and development linkages, which remain pivotal for addressing emerging cyber challenges in line with post-quantum cryptographic standards and secure telecommunications.
The partnership’s focus on countering cybercrime addresses the increasing cybercrime costs faced by both India and Australia, To operationalise this, both countries should work to improve digital policing and forensics. The Australian Federal Police and the Indian Cybercrime Coordination Centre could facilitate exchange programs for their respective cybercrime investigators and cyber commandos. Industry bodies like the Data Security Council of India’s Center for Cybercrime Investigation Training & Research could partner with Australia’s CI-ISAC, a cross-sectoral information sharing organisation, to curate workshops aimed at enhancing digital forensic capabilities.
PACTS has great potential for expanding the India-Australia cybersecurity partnership into a high-level, operational cyber mechanism. It can be curated to trade cybersecurity products, build joint cyber capacity and cyber secure bilateral tech supply chains. With sustained momentum, PACTS can unlock the trust and muscle memory needed for deepened collaboration in key areas such as swift intelligence sharing and fight common adversarial cyber threats.
Leave a comment