Image: Asha Barbaschow/ZDNet
Australia’s second tranche of cyber laws has passed through both houses of Parliament, meaning entities running “systems of national significance” will soon be beholden to enhanced cybersecurity obligations that could force them to install third-party software.
Home Affairs Minister Karen Andrews said the laws would boost the security and resilience of Australia’s critical infrastructure.
“Throughout the pandemic, Australia’s critical infrastructure sectors have been regularly targeted by malicious cyber actors seeking to exploit victims for profit, with total disregard for the community and the essential services we all rely on,” Andrews said.
“The Bill builds on the Morrison Government’s strong support for our national security agencies announced in Tuesday’s Federal Budget, to make Australia stronger and keep Australians safe in an increasingly uncertain world.
Australia’s parliamentary body tasked with reviewing cyber laws threw its support behind these laws last week, saying the laws would create a standardised critical infrastructure framework to make it easier for government and industry to approach cyber attacks in a precautionary fashion.
The laws, packaged in the Security Legislation Amendment (Critical Infrastructure Protection) Bill 2022, were initially meant to be part of the initial tranche of cyber laws for critical infrastructure entities that were enshrined last year. They were eventually left out of the first set of laws, however, due to the federal government wanting further consultation from industry on how to co-design a critical infrastructure regulatory framework.
Along with enhanced cybersecurity obligations, the critical infrastructure reforms will require critical infrastructure entities to maintain a risk management program for identifying hazards to critical infrastructure assets and the likelihood of them occurring. In addition, entities will have to submit an annual report about the risk management program and if any hazards had a significant impact on critical infrastructure assets.
Home Affairs Secretary Mike Pezzullo previously said the costs for running the risk management program, on average, would set entities back a one-off AU$9.7 million payment to set the program up and an annual ongoing cost of AU$3.7 million.
In terms of where the critical infrastructure reforms sit in the big picture, the reforms and the ransomware action plan will act as the federal government’s primary regulatory efforts for bolstering Australia’s cybersecurity posture. It sits separate to the Coalition’s newly proposed AU$9.9 billion cybersecurity program that was announced in the federal Budget, which is primarily focused on providing more resources to the Australian Signals Directorate.
RELATED COVERAGE
Stay connected with us on social media platform for instant update click here to join our Twitter, & Facebook
We are now on Telegram. Click here to join our channel (@TechiUpdate) and stay updated with the latest Technology headlines.
For all the latest Technology News Click Here
For the latest news and updates, follow us on Google News.
Denial of responsibility! NewsAzi is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.
