Share this article on:
Australia’s federal government has announced it will appoint a senior official to a new National Office for Cyber Security to help mitigate the impact of the kinds of major incidents that struck Australian businesses in 2022.
The announcement will be made as part of a roundtable discussion today (27 February) between government, business, and cyber security officials, hosted by Home Affairs Minister Clare O’Neil and Prime Minister Anthony Albanese.
The official who will take the post is yet to be named, but the new position will operate under the aegis of the Department of Home Affairs. Speaking to the ABC ahead of the roundtable, Minister O’Neil said the new appointment would have two tasks to achieve.
“The first will be to try to provide some strategy and structure and spine to the work being done across government, so it will mean things like making sure that the billions of dollars that we are investing in cyber security each year are being spent in a way that’s strategic and appropriate, that we’ve got different parts of government communicating with each other and working together on helping lift cyber security protections across the country,” she said.
“The other really important part of this person’s job will be to help manage cyber incidents in a proper, seamless, strategic way across the Australian government.”
One of the proposed changes to be discussed at the roundtable is the paying of ransoms to retrieve data affected by a ransomware attack. The government will ask if such payments should be made illegal, to hopefully deter threat actors from attacking in the first place. Boosting Australia’s cyber workforce will also be on the agenda.
At the same time, the government is also proposing a discussion paper to help create laws and policies that are “fit for purpose” for the current environment of cyber threats and to reform the Security of Critical Infrastructure Act.
“Australia has a patchwork of policies, laws and frameworks that are not keeping up with the challenges presented by the digital age,” Minister O’Neil said in a statement released over the weekend.
“Voluntary measures and poorly executed plans will not get Australia where we need to be to thrive in the contested environment of 2030.”
One of the proposed changes to the act is to widen the current definition of critical assets to include customer information and to provide a clear set of standards for both business and government.
Minister O’Neil announced late last year that the Albanese government was pushing for a review of Australia’s cyber security readiness and would be reviewing the previous government’s strategies in the area. A new expert advisory board was set up to help coordinate the strategy review. The head of the board, former Telstra chief executive Andy Penn, backs today’s discussions.
“If we are to lift and sustain cyber resilience and security, it must be an integrated whole-of-nation endeavour,” Penn said in a statement.
“We need a coordinated and concerted effort by governments, individuals, and businesses of all sizes.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.