On 9 October 2024, the Hon Tony Burke MP wrote to refer the Cyber Security Legislative Package to the Parliamentary Joint Committee on Intelligence and Security for inquiry and report.
The Legislative Package consists of the:
The Cyber Security Legislative Package 2024 intends to implement seven initiatives under the 2023-2030 Australian Cyber Security Strategy, which aims to address legislative gaps to bring Australia in line with international best practice and help ensure Australia is on track to become a global leader in cyber security.
These measures are intended to address gaps in current legislation to:
- mandate minimum cyber security standards for smart devices
- introduce mandatory ransomware reporting for certain businesses to report ransom payments
- introduce ‘limited use’ obligations for the National Cyber Security Coordinator and the Australian Signals Directorate (ASD)
- establish a Cyber Incident Review Board
The package also intends to progress and implement reforms to the Security of Critical Infrastructure Act 2018 (SOCI Act). These reforms intend to:
- clarify existing obligations in relation to systems holding business critical data
- enhance government assistance measures to better manage the impacts of all hazards incidents on critical infrastructure
- simplify information sharing across industry and Government
- introduce a power for the Government to direct entities to address serious deficiencies within their risk management programs
- align regulation for the security of telecommunications into the SOCI Act
Submissions are invited by Friday, 25 October 2024. Further information about making a submission to a parliamentary committee is available here.
To assist with planning, please indicate your intention to make a submission by Friday, 18 October 2024 via email to .