We’ve just watched Australia allocate nearly $70 billion to national security — a record investment spanning submarines, cyber, intelligence, defence, and border operations.

On the surface, it looks impressive. Strategic. Forward-leaning. A government responding to the times.

But if you zoom out — globally, systemically, futuristically — a more troubling truth emerges:

This budget isn’t built for the world we’re heading into. It’s built for the world we wish we still had.

🔐 Money ≠ Mastery

Let me be clear: I’m not calling for more money. I’m calling for smarter thinking.

We are allocating vast sums to defend against a threat landscape that’s no longer about traditional warfare, or even just “cyber attacks” in the way we used to define them.

What we’re facing is a stacked, synchronised, systemic threat environment. The adversaries aren’t just hackers and nation-states anymore — they’re algorithms, deepfakes, disinformation supply chains, and psychological operations wrapped in TikTok trends.

And that means the threat isn’t just to our systems.

It’s to our perception, our cohesion, our decision-making capacity, and our public trust infrastructure.

📉 We’re Over-Funding Defence and Under-Resourcing Resilience

Yes, submarines are important.

Yes, surveillance and cybercrime units matter.

But if our public institutions, corporate leaders, and local councils aren’t cyber literate, emotionally resilient, and technically integrated — we’re still exposed.

What we need now is funding that matches where the battlefield has moved:

• Into algorithms.
• Into infrastructure.
• Into minds.

Because security today isn’t about controlling territory.

It’s about influencing behaviour.

And if you think that war is coming — you’re already late.

🧠 Where the Budget Falls Behind Reality

Here’s where I think we’ve missed the mark:

1. Cybersecurity is treated as an IT upgrade, not a national doctrine.

We’ve got patchwork funding across agencies, but no integrated cyber posture that unifies private and public resilience. We are also still looking at cybersecurity as 1s and 0s and it is the same non-functional cliche, no matter how you dress it every budget.

2. Education and national awareness are critically underfunded.

We spend billions hardening endpoints but forget that humans are the primary attack surface. Cybersecurity is still taught reactively — if at all — in schools, unis, and even boardrooms. Furthermore, there is this constant cliche of “Human centric cyber” and other stuff. And it boils down to cookie cut security awareness, phishing testing and other services delivered by people who have never been on the front line.

3. Geopolitical agility is still optional, not operational.

The Pacific strategy gets budget lip service, but our influence mechanisms haven’t kept pace with China’s hybrid diplomacy. Soft power without digital dominance is like launching balloons in a missile range.

4. Resilience is still a line item, not a mindset.

Until we build resilience into our culture — not just our procurement cycles — we’re just budgeting for optimism.

🌏 DFAT’s $6.4 Billion: Diplomacy in the Age of Techno-Authoritarianism

DFAT’s $6.4 billion allocation might sound like soft power spare change compared to Defence’s $54 billion, but in today’s world, influence is wielded less through tanks and more through terms of service.

We’re living in a time where diplomacy is no longer just handshakes and policy briefs. It’s about controlling platforms, shaping narratives, and negotiating the digital architecture that underpins trust, trade, and truth.

This budget supports regional stabilisation efforts, particularly in the Pacific — but let’s be real: this isn’t just about “helping our neighbours.” It’s about countering growing techno-authoritarian influence from China, and to a lesser extent, Russia and others, who are exporting digital governance models, surveillance tech, and AI tools into fragile democracies faster than we can send envoys.

In the past, DFAT’s job was to build bridges.

Today, it’s also about safeguarding borders you can’t see — the algorithmic, informational, and ideological ones.

So yes, diplomacy still matters. But it now includes:

• Fighting disinformation that destabilises entire election cycles.
• Supporting Pacific nations to resist infrastructure debt traps.
• Helping allies choose open internet principles over surveillance-state software.
• Navigating trade relationships that double as security risks.

If DFAT doesn’t have a digital statecraft division yet, it should. Because in the Indo-Pacific, you’re not just competing for territory — you’re competing for trust, connectivity, and sovereignty in a hyperconnected world.

And that battle is won in cables, code, and culture — not just communiqués.

🧭 What Would “Enough” Actually Look Like?

Here’s my wishlist for a future-facing security strategy:

• A national digital literacy campaign that treats cyber awareness the way we treated water conservation in the 2000s.
• A federal civilian resilience portfolio, coordinating disaster recovery, misinformation countermeasures, and behavioural risk strategies.
• Quantum-readiness investment, not just quantum envy headlines.
• Real-world scenario testing between defence, private industry, healthcare, and education — not just theoretical “strategic reviews.”
• And yes, less obsession with controlling the message — and more investment in informed, resilient communities.

🧨 My Final Word?

We’ve spent big. Great.

But let’s stop kidding ourselves.

The question isn’t whether the budget is enough.

It’s whether the mindset behind it is modern enough, humble enough, and uncomfortable enough to match the threats we don’t see yet.

Because the next war won’t wait for us to finish our strategic roadmap.

It’s already live.

In our networks.

In our narratives.

And most dangerously — in our assumptions.