Businesses will be protected by a cyber security ecosystem as the government strives to make Australia the world’s most digitally locked-down nation by 2030, according to a discussion paper released by the Home Affairs Ministry.
Home affairs minister and minister for cyber security Clare O’Neil said a partnership between government and businesses would play a key role in building cyber threat resilience.
“It is clear that Australians expect more from businesses holding their sensitive data and government has a central role to play to ensure everyone is pulling their weight,” said Ms O’Neil.
“Industry needs to put cyber security at the heart of its business decisions and practices, and government needs to walk the talk and work with industry as genuine partners to build a nationally consistent approach.”
“I want Australia to be the world’s most cyber secure country by 2030. I believe that is possible, but it will take a concerted effort from industry and government alike.”
Prime Minister Anthony Albanese described the greater focus on cyber security for businesses as “essential as the shop having a lock on the door”.
“We need all Australian businesses to be able to protect themselves and - just as importantly - protect their customers,” he said.
The discussion paper - 2023-2030 Australian Cyber Security Strategy - said enhanced regulatory frameworks were crucial.
This included more explicit specifications of cyber security obligations and an example of best practice so businesses understood what was required to keep data safe.
The paper also referenced a report - the Commonwealth Cyber Security Posture in 2022 - that revealed how government agencies also needed to improve.
“Only 11 per cent of entities in it reached overall maturity level two through an implementation of the Australian Cyber Security Centre’s essential eight controls, and the majority of entities are yet to implement basic policies and procedures,” said the discussion paper.
The paper also said government responses to major cyber incidents required greater clarity and support for those impacted by the events.
“Government must ensure that frameworks for incident management and coordination are fit-for-purpose, and conduct post-incident review and consequence management following major cyber incidents,” it said.
“It is also clear that government should share the root cause findings from cyber incidents so that we can all benefit from these learnings.”
Greater investment in community support and skills building regarding cyber security was also proposed along with increased assistance and understanding for those small and medium-sized businesses that also face cyber threats.
“Despite widespread awareness of the potential risks posed by cybercrime, there is no consistent understanding of the practical steps that consumers, small and medium-sized enterprises, and other organisations must take to enhance their cyber security,” said the discussion paper.
“As with crimes which have devastating impacts on individuals, businesses, and communities, there is scope for government to explore opportunities to increase support available to victims of cybercrime.”
“There is an opportunity through the strategy to invest further in community awareness and skills building for cyber security, including for SMEs.”
You are not authorised to post comments.
Comments will undergo moderation before they get published.