New national commissioner to oversee cyber security
Andrew Brown and Paul Osborne |
A new national cyber security co-ordinator will be appointed in a bid to better protect information held by businesses and government.
The government said the co-ordinator would oversee work being done to prevent online attacks, as well as help manage data breaches when they take place.
The announcement coincides with a cyber security roundtable being held in Sydney on Monday, hosted by Prime Minister Anthony Albanese with business and government leaders.
Mr Albanese told the meeting cyber security was a fundamental priority of the government and the co-ordinator would be key to addressing it.
“For businesses these days, cyber security is as important as having a lock on the door – you wouldn’t leave your business at the end of the day and just leave the door open,” he said.
“And that, essentially, is what will occur unless there is more diligence, and unless we upgrade the level of security.”
A discussion paper has also been released, outlining a seven-year strategy that would aim to be in place from next year.
Home Affairs Minister Clare O’Neil said having a co-ordinator in place earlier would have made a significant difference during last year’s breaches of Optus and Medibank customer data.
“(One part of) this person’s job will be to help manage cyber incidents in a proper, seamless strategic way across the Australian government,” she told ABC radio.
The co-ordinator will be part of a new national office for cyber security within the Home Affairs department.
Advertising for the role will take place within coming months.
Ms O’Neil said the discussion paper would help to make Australia more cyber secure by the end of the decade.
She said current laws on cyber security were not up to scratch, as demonstrated by the Optus and Medibank breaches.
Changes being proposed at the roundtable include an update to the definition of what is a critical asset, along with steps business could take to prevent breaches.
Mr Albanese said state-sponsored cyber attacks were becoming more prevalent, including stealing classified information and using ransomware.
“Clearly, as it stands, government policies and regulations, business sector systems and our general awareness and capacity as a nation are simply not at the level that we need them to be.”
Former Telstra chief executive Andy Penn, who chairs a Home Affairs advisory panel on cyber security, said there was a lot more Australia could do to combat online threats.
“Since COVID, we’ve seen a dramatic increase in the rate of digital adoption, and unfortunately, we’ve also seen a dramatic increase in the rate of cyber crime,” he told ABC Radio.
“It’s not a case … of necessarily being behind anybody else. It’s just we’ve got to keep up with this growing phenomenon and dirge of malicious activity we’re seeing.”
Mr Penn said law reform was needed.
“You could argue that things like the corporations law and consumer law and privacy law already implicitly covers cybersecurity incidents. But we need to do more to make that more explicit,” he said.
“More does need to be done in a legislative sense on lifting our level of resilience.”
Opposition spokesman James Paterson said if the government believed “extreme emergency powers” were needed in relation to businesses, it should explain why.
He said the government had made policy co-ordination worse by dividing responsibility for cybercrime between home affairs and the attorney-general’s department.
“It is the government’s responsibility to make sure this is co-ordinated and coherent and in one place, and if they keep moving it around they’re making things harder for everyone,” he said.
AAP
