Cyber security reform to learn from past data breaches

Compulsory ransomware reporting for some businesses is part of a new cyber security package. (Dave Hunt/AAP PHOTOS)

Cyber security reform proposing mandatory standards for smart devices and reporting requirements for some businesses "strike the right balance" and puts Australia on the path to learning from past incidents.

New legislation to create the nation's first standalone Cyber Security Act was introduced to federal parliament's lower house on Wednesday.

"This is a significant step in achieving the Australian government's vision of becoming a world leader in cybersecurity by 2030," Cyber Security Minister Tony Burke told the parliament.

"We need a framework that enables individuals to trust the products they use every day."

Under the package, the government will be empowered to direct companies and other entities to fix serious deficiencies within their risk management program.

Tony Burke speaks in parliament
Tony Burke wants Australia to become a world leader in cybersecurity.

A Cyber Incident Review Board would be set up under the changes and would function as an independent advisory body able to conduct "no fault" assessments of significant cyber security incidents.

Pointing to previous major data breaches such as the Medibank hacking attack, Mr Burke said the reform would provide a "cohesive legislative toolbox for Australia to move forward with clarity and confidence in the face of an ever changing cybersecurity landscape".

Medibank is facing legal action and enormous fines over the breach in October 2022, which affected 9.7 million customers.

Hackers stole personal and highly sensitive information and published it on the dark web.

A Medibank email update (file image)
Hackers published stolen Medibank client information on the dark web.

The changes include mandating minimum cyber security standards for smart devices and compulsory ransomware reporting for certain businesses, which are yet to be decided on, to report ransom payments.

Mr Burke said the government had worked extensively with business and believed the bill's measures "strike the right balance to achieve our security outcomes" without burdening companies.

The regulation of telecommunications security would be moved into the Security of Critical Infrastructure Act, and existing obligations for systems holding business-critical data would be further clarified.

The legislative package will go before a parliamentary committee to be scrutinised.

License this article

What is AAPNews?

For the first time, Australian Associated Press is delivering news straight to the consumer.

No ads. No spin. News straight-up.

Not only do you get to enjoy high-quality news delivered straight to your desktop or device, you do so in the knowledge you are supporting media diversity in Australia.

AAP Is Australia’s only independent newswire service, free from political and commercial influence, producing fact-based public interest journalism across a range of topics including politics, courts, sport, finance and entertainment.

What is AAPNews?
The Morning Wire

Wake up to AAPNews’ morning news bulletin delivered straight to your inbox or mobile device, bringing you up to speed with all that has happened overnight at home and abroad, as well as setting you up what the day has in store.

AAPNews Morning Wire
AAPNews Breaking News
Breaking News

Be the first to know when major breaking news happens.


Notifications will be sent to your device whenever a big story breaks, ensuring you are never in the dark when the talking points happen.

Focused Content

Enjoy the best of AAP’s specialised Topics in Focus. AAP has reporters dedicated to bringing you hard news and feature content across a range of specialised topics including Environment, Agriculture, Future Economies, Arts and Refugee Issues.

AAPNews Focussed Content
Subscription Plans

Choose the plan that best fits your needs. AAPNews offers two basic subscriptions, all billed monthly.

Once you sign up, you will have seven days to test out the service before being billed.

AAPNews Full Access Plan
Full Access
AU$10
  • Enjoy all that AAPNews has to offer
  • Access to breaking news notifications and bulletins
  • Includes access to all AAPNews’ specialised topics
Join Now
AAPNews Student Access Plan
Student Access
AU$5
  • Gain access via a verified student email account
  • Enjoy all the benefits of the ‘Full Access’ plan at a reduced rate
  • Subscription renews each month
Join Now
AAPNews Annual Access Plan
Annual Access
AU$99
  • All the benefits of the 'Full Access' subscription at a discounted rate
  • Subscription automatically renews after 12 months
Join Now

AAPNews also offers enterprise deals for businesses so you can provide an AAPNews account for your team, organisation or customers. Click here to contact AAP to sign-up your business today.

SEVEN DAYS FREE
Download the app
Download AAPNews on the App StoreDownload AAPNews on the Google Play Store