Australian govt begins cyber security consultation

The Department of Home Affairs has published a discussion paper on regulatory reforms to strengthen the cyber security of Australia’s digital economy.

The Australian Department of Home Affairs has released a cyber security discussion paper for public consultation. 

The paper is in response to recommendations made in the 2020 Cyber Security Strategy Industry Advisory Panel and seeks public views about approaches and initiatives proposed.

Three key areas of focus include:

Setting clear cyber security expectations such as greater use of cyber security governance standards targeted at large businesses and company boards, potentially including greater liability for directors, minimum enforceable security standards to protect personal information and mandatory baseline standards to improve the security of smart devices given the limitations of the voluntary IoT Code of Practice currently in place.

Increasing transparency and disclosure which includes initiatives on cyber security labelling for smart devices to allow consumers to better identify the level of security implemented on, and testing passed by, a device, responsible disclosure policies to facilitate faster and more efficient detection and patching of vulnerabilities and a small business cyber health check system that incentivises participation with a completion reward that can be used to market adequate cyber risk management.

Protecting consumer rights via direct legal remedies for consumers such as reforming the Australian Consumer Law to address impediments to incidents involving cover cyber security and introducing a direct right of action for privacy breaches under the Privacy Act.

The proposed cyber security policies are intended to uplift the cyber security of all digitally enabled businesses, and form part of Australia’s Cyber Security Strategy 2020. These reforms are an attempt for the Government to achieve its goal of being a leading digital economy by 2030.

Home Affairs Minister Karen Andrews said: "Cyber security is a shared responsibility between governments, businesses and the community and as a result the government is taking action to mitigate the real and present danger that cybercrime presents to Australians and our economy.

“I want to make sure Australian businesses – big and small – are secure and consumers are protected.

"We cannot allow this criminal activity to become a significant handbrake on our economic growth and digital security," she added.

A number of the initiatives if implemented will have significant implications on many businesses and directors.


Featured Articles

The impact data poisoning has on cyber and AI

We take a look at why the risks of data and AI poisoning is continuing to wreak havoc on the cybersecurity industry

Five innovative ways AI can help prevent cyber attacks

A cyber hack at Okta put businesses on high alert, and here, we examine how AI can help prevent future breaches

SailPoint delivers new non-employee risk management solution

The new capability will help organisations manage non-employees while also supporting regulatory compliance requirements and reducing third-party risk

Akamai shares details of Asia’s record-breaking DDoS attack

Network Security

Vive la France and Cyberscore Law is rallying cry for Europe

Operational Security

(ISC)² signs MOU with UAE to train nation’s cyber workforce

Operational Security