The Optus and Medibank incidents have exposed “gaps” in Australia’s existing incident response functions, according to a discussion paper released this afternoon. The discussion paper calls for regulatory changes – including potentially a new Cyber Security Act. Most controversially, the paper suggests that the government’s power to step in to assist organisations or companies respond to cyber attacks could be expanded to a wider range of circumstances. But it is worth pointing out that this is not government policy as yet. The discussion paper was released shortly after Anthony Albanese addressed the cybersecurity roundtable in Sydney. It was drafted by an expert advisory board chaired by former Telstra boss Andrew Penn and whose other members are former air force chief Mel Hupfeld and cyber security expert Rachael Falk. The authors say they have heard from industry that business owners “often do not feel their cybersecurity obligations are clear or easy to follow”. The paper says it is “clear from stakeholder feedback and the increasing frequency and severity of major cyber incidents, that more explicit specification of obligations, including some form of best practice cyber security standards, is required across the economy to increase our national cyber resilience and keep Australians and their data safe.”
Customer Reviews
Thanks for submitting your comment!