Australia’s House of Representatives is deliberating cybersecurity legislation that seeks to implement the seven directives under the 2023–2030 Australian Cyber Security Strategy. The legislation calls for statutes that will align the country with best practices globally in cybersecurity.
The proposed measures are provided under Cyber Security Bill 2024, which passed its second reading in the House on Wednesday. The Australian Department of Home Affairs said ] the provisions include minimum cybersecurity standards for smart devices and mandatory reporting of ransomware payments. The bill also aims to advance the reforms under the Security of Critical Infrastructure Act 2018 by enhancing government support on managing the impacts of hazard incidents across critical infrastructure.
The bill’s sponsor, Australian Home Affairs Minister Tony Burke, said at the House session that estimated Australian ransomware payments averaged $6.2 million in 2023. “We need a framework that enhances our ability to counter ransomware and cyberextortion,” he stressed. The minister added that the bill is “a significant step” toward the federal government’s vision of elevating Australia as a cybersecurity world leader by 2030.
The bill’s legislative framework is based on Australia’s Cyber Security Legislative Reforms Consultation Paper issued in December 2023 and input from an industry stakeholder consultation in September.