In response to a series of damaging high-profile data breaches, the Australian government is taking steps to overhaul cybersecurity laws and regulations in the country. Recently, government officials released a consultation paper outlining proposals aimed at positioning Australia as a global leader in cybersecurity by 2030, seeking input from the private sector.
One of the key focuses is to address deficiencies in current cybercrime legislation, with intentions to amend the Security of Critical Infrastructure (SOCI) Act 2018. This includes enhancing threat prevention, promoting information-sharing, and improving cyber incident response strategies.
Disastrous events such as the cyberattacks on Optus and Medibank highlighted weaknesses in Australia’s cyber incident response capabilities. These breaches underscored the importance of bolstering cybersecurity measures to prevent future attacks.
The Australian government has initiated a cybersecurity reform strategy following these incidents, aiming to establish a robust public-private partnership to enhance the nation’s cybersecurity resilience. Proposed legislative changes encompass various measures such as securing IoT devices, implementing ransomware reporting rules, and setting up a national Cyber Incident Review Board.
Given the vast geographical expanse of Australia and the increasing adoption of digital technologies across critical industries, protecting infrastructure from cyber threats poses a significant challenge. To address this, the government is considering the implementation of a Critical National Infrastructure Policy and drawing insights from global cybersecurity standards.
While Australia faces a shortage of cybersecurity experts, efforts to align with international standards and mandate cybersecurity practices are seen as positive steps. However, experts point out areas for improvement, such as enhancing controls around software supply chains to bolster cybersecurity measures.
Both government and private sector investments in cybersecurity are on the rise, reflecting a collective effort to strengthen information security practices in the country. With a growing focus on cloud security and increased regulatory obligations, Australia is poised to make significant strides in becoming a cybersecurity leader.