Governance and Risk Management, Government, Industry Specific
Australia envisions cybersecurity leadership in the Pacific with new strategy
Jayan Chakravarty (@JayJay_Tech) •
November 22, 2023
The Australian government said it will make ransomware reporting mandatory for businesses, strengthen law enforcement capabilities and fund start-ups with innovative cybersecurity solutions under a strategy announced on Monday.
Related item: Live Webinar | Generative AI: Myths, Reality, and Real Use Cases
Prime Minister Anthony Albanese’s government plans to spend A$587 million to transform Australia into a “world leader in cyber security” by the end of this decade.
strategy intend It makes it easier for businesses to report and recover from cyber incidents. Reporting ransomware will require legislation and a “no fault, no liability” obligation. The administration also said it will impose new incident reporting requirements on the telecommunications sector, along with other critical infrastructure sectors.
Australia will likely be hit by a wave of opportunistic ransomware attacks and data breaches in 2022, with cybersecurity becoming a hot topic and Albanon’s plan to make Australia “the world’s most cyber-secure country by 2030” was stripped of its commitments (see: Australia aims to become the world’s ‘most cyber-secure’ country).
“We cannot continue as usual, with data flying across the country, critical infrastructure starting to fail, and small businesses and citizens constantly complaining that they are vulnerable and powerless. We need to address the cyber threat itself,” Cybersecurity and Home Affairs Minister Claire O’Neill told reporters in Sydney. report Reuters.
According to the strategy, cybercrime costs for Australian businesses increased by 14% in the 12 months to mid-2023, with average costs ranging from A$46,000 to A$71,600, depending on company size. Just a few days ago, a cyber incident occurred at a stevedoring company serving Australia’s four major ports, temporarily disrupting the movement of goods domestically and internationally.
Governments are preventing companies and individuals from making extortion payments to cybercriminals, but this strategy falls short of proposals to outlaw ransomware payments. Instead, the upcoming Ransomware Protection Book will “provide clear guidance to businesses and the public on how to prepare for, respond to, and repel ransom demands.”
The government also plans to legislate mandatory cybersecurity standards for IoT devices and develop a voluntary labeling scheme for consumer-grade devices.
Senator James Patterson, Shadow Minister for Home Affairs and Cybersecurity; criticized The strategy was “too little, too late”, he said, pointing to a series of cyber incidents last year at private health insurer Medibank and telecommunications company Optus.
“There is nothing radical or revolutionary about this strategy, nothing that will significantly change the direction of cybersecurity,” he said.