- allow the cyber security minister to provide mandatory cyber security standards for smart devices to give Australians reassurance that the devices they buy do not pose a risk,
- require certain businesses to report ransom payments, so our cyber experts can build a better picture of the threat landscape,
- activating the ‘limited use’ mandate of the National Cyber Security Coordinator and the Australian Signals Directorate (ASD) to facilitate the rapid and open sharing of information during a cyber security incident,
- to establish a Cyber Incident Review Board(CIRB) to conduct proactive, post-incident reviews of significant cyber security incidents in Australia and make concrete recommendations to help prevent, detect, respond to, and mitigate future cyber incidents.
The Cyber Security Bill2024 was introduced on 9 October and later recommended for fast track approval in parliament on 19 November by the Parliamentary Joint Committee on Intelligence and Security (PJCIS).
Burke said the package also furthered the changes under the Critical Infrastructure Security Act 2018 (SOCI Act) which will:
- Clarify existing responsibilities in relation to systems that hold important business information,
- To increase the available storage capacity to help the government manage the impacts of all hazardous events on critical infrastructure,
- Facilitating information sharing across industry and government’,
- Allow government to direct businesses to address critical deficiencies within their risk management systems
- Integrate the communications security regulations into the SOCI Act.
“The Government has passed Australia’s first independent Cyber Security Act, a key pillar in our work to protect Australians from cyber threats,” Burke said. “This package creates a unified legal toolbox for Australia to move forward with clarity and confidence in the ever-changing internet landscape.
Source link