Selloff or Market Correction? Either Way, Here's What to Do NextSee Overvalued Stocks

Australia to bolster cybersecurity defence with $600 million investment via new strategy

Published 22/11/2023, 01:50 pm
© Reuters.  Australia to bolster cybersecurity defence with $600 million investment via new strategy
AUD/USD
-

In a significant move to bolster Australia's cybersecurity posture, the Albanese Government has announced a $600 million investment and unveiled a comprehensive strategy to combat cyber threats.

The strategy, titled the 2023-2030 Australian Cyber Security Strategy, outlines a multi-pronged approach to protect businesses, citizens and critical infrastructure from evolving cyber threats.

"We need to act now to defend Australia from cyber threats," Home Affairs Minister Clare O'Neil stated.

"Australia is a wealthy country and a fast adopter of new technologies, which makes us an attractive target for cybercriminals."

With millions of Australians having their data stolen and released online in a series of high-profile cyberattacks such as those against Optus and Medibank, Minister O'Neil emphasised that the updated strategy would make every citizen, business, government agency and organisation a "harder target" and ensure those that were hit could bounce back faster.

Six cyber sheilds

The new strategy calls for the creation of six 'cyber shields', which are:

  • strong businesses and citizens;
  • safe technology;
  • world-class threat-sharing and blocking;
  • protected critical infrastructure;
  • sovereign capabilities; and
  • resilient region and global leadership.

Labor will boost spending on cybersecurity by $587 million between now and 2030, on top of the $2.3 billion commitment it inherited from the Morrison government.

That $2.3 billion was originally part of the $10 billion REDSPICE package for the Australian Signals Directorate.

Of Labor's funding increase, $291 million will cover support for small and medium businesses, building public awareness, fighting cybercrime, breaking the ransomware business model and strengthening identity security.

A further $146.3 million will be spent defending critical infrastructure and improving government cybersecurity, while $129.7 million will be invested on regional and global cybersecurity initiatives.

The Federal Police will get extra resources to "fight back" against cyber gangs as part of Australia's offensive cyber capabilities.

Safe harbour provisions

Amid complaints from the Australian Signals Directorate that some companies hit by a cyberattack were hindering the response by "lawyering up" because of concerns over damages claims or regulatory action, the government will introduce safe harbour provisions when disclosing incidents.

Under the new regime, to be co-designed with industry, businesses will face a no-fault, no-liability ransomware reporting obligation.

Limits will be put on how any information a business or industry shares with cyber officials can be used by other government bodies, including regulators.

"We need early warnings of ransomware attacks to enable the government to provide the right support at the right time," the strategy stated.

"We also need to build an improved picture of the ransomware threat so that we can develop appropriate responses."

Ransomware playbook

While the government will not ban companies making ransomware payments, it will create a 'ransomware playbook' to provide clearer guidance about how businesses should respond.

"The Australian Government continues to strongly discourage businesses and individuals from paying ransoms to cybercriminals," the strategy stated.

"There is no guarantee you will regain access to your information, or prevent it from being sold or leaked online. You may also be targeted by another attack."

Cyber safety review board

The government will also set up a new process to learn lessons from cyberattacks and share that information with the community, likening it to the Australian Transport Safety Bureau and drawing on the US model of its Cyber Safety Review Board.

The proposed Cyber Incident Review Board will conduct a no-fault post-incident review, with the aim of improving collective cybersecurity and hone preparations for responding to attacks.

"The proposed review mechanism will not make findings of fault and will not interfere with incident response or regulatory, intelligence or law enforcement functions," the strategy stated.

The government will also "encourage and incentivise" threat sharing and threat blocking by critical infrastructure providers and internet service providers and conduct more frequent national cybersecurity exercises across the economy.

With this comprehensive strategy and significant investment, the Albanese Government is taking a proactive stance to safeguard Australia's digital future and protect its citizens and businesses from the ever-increasing threat of cyberattacks.

Read more on Proactive Investors AU

Disclaimer

Latest comments

Risk Disclosure: Trading in financial instruments and/or cryptocurrencies involves high risks including the risk of losing some, or all, of your investment amount, and may not be suitable for all investors. Prices of cryptocurrencies are extremely volatile and may be affected by external factors such as financial, regulatory or political events. Trading on margin increases the financial risks.
Before deciding to trade in financial instrument or cryptocurrencies you should be fully informed of the risks and costs associated with trading the financial markets, carefully consider your investment objectives, level of experience, and risk appetite, and seek professional advice where needed.
Fusion Media would like to remind you that the data contained in this website is not necessarily real-time nor accurate. The data and prices on the website are not necessarily provided by any market or exchange, but may be provided by market makers, and so prices may not be accurate and may differ from the actual price at any given market, meaning prices are indicative and not appropriate for trading purposes. Fusion Media and any provider of the data contained in this website will not accept liability for any loss or damage as a result of your trading, or your reliance on the information contained within this website.
It is prohibited to use, store, reproduce, display, modify, transmit or distribute the data contained in this website without the explicit prior written permission of Fusion Media and/or the data provider. All intellectual property rights are reserved by the providers and/or the exchange providing the data contained in this website.
Fusion Media may be compensated by the advertisers that appear on the website, based on your interaction with the advertisements or advertisers.
© 2007-2024 - Fusion Media Limited. All Rights Reserved.