Government introduces landmark cybersecurity legislation


Wednesday, 16 October, 2024

Government introduces landmark cybersecurity legislation

Last week the Australian Government announced the introduction of Australia’s first standalone Cyber Security Act.

With a heightened geopolitical and cyberthreat environment, placing pressure on Australia’s collective cyber resilience and security, the government sees the protection of Australia’s cybersecurity and critical infrastructure as vital to national security and economic stability.

The Cyber Security Legislative Package will implement seven initiatives under the 2023–2030 Australian Cyber Security Strategy, addressing legislative gaps to bring Australia in line with international best practice and take the next step to ensure Australia is on track to become a global leader in cybersecurity.

These measures will address gaps in current legislation to:

  • mandate minimum cybersecurity standards for smart devices
  • introduce mandatory ransomware reporting for certain businesses to report ransom payments
  • introduce a ‘limited use’ obligation for the National Cyber Security Coordinator and the Australian Signals Directorate (ASD)
  • establish a Cyber Incident Review Board.
     

The package will also progress and implement reforms under the Security of Critical Infrastructure Act 2018 (SOCI Act). These reforms will:

  • clarify existing obligations in relation to systems holding business-critical data
  • enhance government assistance measures to better manage the impacts of all hazards incidents on critical infrastructure
  • simplify information sharing across industry and government
  • introduce a power for the government to direct entities to address serious deficiencies within their risk management programs
  • align regulation for the security of telecommunications into the SOCI Act.
     

The government says the measures in the legislation were informed by an extensive consultation process, including the release of the Cyber Security Legislative Reforms Consultation Paper in December 2023 and targeted consultation on an Exposure Draft package in September 2024.

The government hopes a unified effort of government, industry and the community will ensure Australia is well positioned to prevent and respond to emerging threats and protect our cyber environment and critical infrastructure into the future.

Image credit: iStock.com/1550539

Related News

LockBit named nastiest malware of 2024

LockBit, a ransomware malware known to have been used to attack Australian targets, has been...

Proofpoint email security tools pass IRAP assessment

Following on from its launch of Australian data centres last year, Proofpoint has completed an...

Forescout completes IRAP assessment

Forescout has completed an IRAP assessment for its cloud security platform, paving the way for...


  • All content Copyright © 2024 Westwick-Farrow Pty Ltd