Source: David Coleman | Have Camera Will Travel via Alamy Stock Photo
Australia introduced a new cybersecurity law into parliament, known as the Cyber Security Bill 2024, its first effort to codify security standards for smart devices, ransomware reporting, and coordination of significant cybersecurity incidents.
The bill calls for creation of a Cyber Incident Review Board to implement post-incident reviews of significant cybersecurity incidents, as well as restrictions on how incident information can be provided to the National Cyber Security Coordinator and shared with other countries.
Under Australia's Security of Critical Infrastructure (SOCI) Act of 2018, the bill will also implement reforms by reinforcing government assistance measures to manage the impact of cyber incidents on critical infrastructure and simplify the information shared between industry and government.
"We need a framework that enhances protections for victims of cyber incidents and encourages them to engage with government, and we need a framework that enables us to learn lessons from significant cybersecurity incidents so that we can be better prepared going forward," stated Tony Burke, Minister of Home Affairs of Australia, when introducing the bill.
The proposed regulatory framework is part of the country's goal to become a leader in cybersecurity by 2030, an objective that was introduced in 2023 through the Australian Cybersecurity Strategy, an estimated seven-year effort.