iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
The Aussie telco and cloud security firm made the case for a co-regulatory cyber security model in a government submission that was revealed overnight.
The Macquarie Telecom Group has called on the Australian government to adopt a co-regulatory model when it comes to improving collaboration on cyber security matters at a national level.
According to Macquarie’s submission to the government’s call for industry consultation on cyber security legislation, the creation of a Cyber Alliance Board could “support and encourage industry self-regulation as models for best practice”.
“The telco sector in specific, which is a related field (with technology, data and connectivity being at the core), provides a useful precedent for co-regulation,” Macquarie said in its submission.
“The co-regulatory model, or Cyber Alliance Board, could focus specifically on co-regulatory and legislative matters while keeping the existing (Trusted Information Sharing Network) TISN, industry and security discussions separate. For example, the current SOCI reviews the subject of this paper, and those scheduled for 2025 would clearly benefit from a legislative guidance from key cyber industry stakeholders.”
Macquarie also suggested that the US Cyber Safety Review Board would be a good model for the creation of the government’s proposed Cyber Incident Review Board. However, it’s not so thrilled with the government’s plan to use the Australian Transport Safety Bureau as a model.
“The ATSB was formed on 1 July 1999, and it investigates transport safety matters,” Macquarie said.
“This is a very established area with known and recognised risks and solutions, which have been drawn from decades of research and data. Cyber is far less known.”
Ransomware reporting is also a cause for concern, with Macquarie believing that any reporting mechanism should encompass all Australian businesses, not just ones of a certain size.
“This concern is twofold. Firstly, Macquarie repeats its general concerns regarding exceptions to cyber security standards. In order to close the gaps in our current legislative and regulatory framework for cyber security (an aim of the paper), we need a fulsome legislative response rather than have specific businesses not subject to the regimes,” Macquarie said.
The creation of a Cyber Alliance Board could address the information-sharing issue and make reporting and threat sharing “as simple as possible”.
Macquarie also strongly disagrees with some industry voices suggesting the Privacy Act is the best pillar for the regulation of critical business data.
“The Privacy Act does not provide guidance and regulation on how to best store data and respond to breaches. The SOCI regime does,” Macquarie said.
“The government must look beyond an individual rights approach which the Privacy Act provides.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
