Smart devices must meet minimum security standards and ransomware reporting will be mandated for some businesses under new laws proposed by the Federal Government.
Federal Cyber Security Minister Tony Burke said a new Cyber Security Act aimed to secure Australia’s cyber environment and protect critical infrastructure.
Minister Burke said recent cyber incidents had demonstrated that attacks could spread instantaneously and systems and legislation needed to be hardened to keep ahead.
“In this heightened geopolitical and cyber threat environment, strong laws and protections are necessary to protect every citizen and business across our digital economy,” he said.
The new legislation provided a clear framework for contemporary, whole-of-economy issues, positioning the Government to identify and respond to new and emerging cyber threats.
“Subject to the passage of this legislation, Australia will have its first standalone Cyber Security Act,” Minister Burke said.
The legislation would address current gaps, including:
- Mandating minimum cyber security standards for smart devices.
- Introducing mandatory ransomware reporting for certain businesses to report ransom payments.
- Introducing a “limited use” obligation for the National Cyber Security Coordinator and the Australian Signals Directorate.
- Establishing a Cyber Incident Review Board.
He said it would also implement reforms, which would:
- Clarify existing obligations in relation to systems holding business critical data.
- Simplify information sharing across industry and Government.
- Introduce a power for the Government to direct entities to address serious deficiencies within their risk management programs.
- Move regulation for the security of telecommunications into the Security of Critical Infrastructure Act 2018.
”The creation of a Cyber Security Act is a long-overdue step for our country, and reflects the government’s deep concern and focus on these threats,” the Minister said.
“Australians love the convenience of smart devices at home, but consumers need to know that smart devices are still safe devices.”