'Long overdue' cyber legislation to be introduced to parliament
Make us a preferred source
Make us a preferred source on Google
The news: New cybersecurity laws requiring businesses to report the payment of ransoms and giving the government more powers to direct operators of critical infrastucture to take certain actions will be introduced to parliament on Wednesday.
The context: The long-awaited laws will address a number of recommendations from last year’s 2023-2030 Cyber Security Strategy.
Pending passage, Australia would have its first standalone Cyber Security Act which would mandate minimum standards for smart devices and introduce mandatory ransomware reporting for certain businesses to report ransom payments.
There will also be amendments to the Intelligence Services Act to impose a “limited use obligation” on the Australian Signals Directorate and Cybersecurity Coordinator, restricting them from passing on information to regulators that it gets from assisting companies respond to cyber attacks.
A Cyber Incident Review Board will also be established, which will be similar to what exists in the aviation industry, to learn from the lessons of major cyber attacks.
As revealed by Capital Brief last month, the government's existing step-in powers will also be amended to allow the Department of Home Affairs to intervene in a broader set of circumstances, including after a cyber attack has taken place.
It will also introduce a new power for the government to direct entities to address serious deficiencies within their risk management programs
What they said: "The creation of a Cyber Security Act is a long-overdue step for our country, and reflects the government’s deep concern and focus on these threats," Home Affairs Minister Tony Burke said.
"Australians love the convenience of smart devices at home, but consumers need to know that smart devices are still safe devices.
"We know government has to lead the way on cyber, but we also know we can’t do it alone, which is why these new laws have been consulted extensively with business.
"This legislation ensures we keep pace with emerging threats, positioning individuals and businesses better to respond to, and bounce back from cyber security threats.
"To achieve Australia’s vision of being a world leader in cyber security by 2030, we need the unified effort of government, industry and the community."
The source: Minister for Home Affairs
