BREAKING: Australian Cyber Security Act Passed
Today (November 25), the Albanian Government passed Australia’s first autonomous law Cybersecurity law.
The law, launched as part of the Australian Cyber Security Strategy 2023-2030aims to close the gaps in Australia’s cyber resilience and progress towards the Government’s goal of making Australia the most cyber-secure country in the world.
“The Australian Government is delivering on its commitment to securing Australia’s cyber environment and protecting our critical infrastructure,” Cyber Security Minister Tony Burke said.
“The government has enacted Australia’s first stand-alone law. Cybersecurity lawa key pillar of our mission to protect Australians from cyber threats.
“This package provides a cohesive legislative toolkit for Australia to move forward with clarity and confidence in the face of an ever-changing cyber landscape.”
THE Cybersecurity law will execute seven initiatives introduced for the first time as part of the cybersecurity strategy.
Most notable is the introduction of the “limited use” requirement, which will set out restrictions placed on the Australian Signals Directorate (ASD) and the National Cyber Security Coordinator on how information shared by organizations having suffered a cyberattack can be used, potentially protecting users. to be punished and to encourage organizations to report incidents.
“Close cooperation between government and industry is one of our best defenses against malicious cyber activity. Following a cybersecurity incident, businesses need to know they can turn to government to quickly get the support they need,” Minister Burke said.
“THE Cybersecurity law marks a significant milestone in bringing Australian cybersecurity laws into the 21st century.
Some organizations will also be required to report when they pay a ransom to threat actors, allowing cyber professionals to better understand how threat actors operate.
Additionally, the legislation will enable the Minister for Cyber Security to establish cybersecurity standards for smart devices to guide Australians in purchasing more secure devices and will see the establishment of a Cyber Incident Review Board (CIRB) to “perform faultless post-incident reviews. » high-profile major cybersecurity incidents and provide recommendations for dealing with future incidents.
THE Critical Infrastructure Security Act of 2018 (SOCI) will also be reformed, simplifying information sharing between government and industry, including the regulation of telecommunications companies in law, expanding the government’s powers of last resort to enable it to better deploy aid in the event of a cyber attack on critical infrastructure and allow the government to order entities to remedy major flaws in their risk management programs.