Australia is set to establish a second cyber security agency to coordinate the cyber security efforts across government - part of its response to numerous high-profile cyber attacks that rocked the nation last year.
The new agency will be called the National Office for Cyber Security and will sit in the department of Home Affairs. The government will appoint a coordinator for cyber security to lead the new agency and coordinate its cyber security responsibilities.
Australia already has the Australia Cyber Security Centre (ACSC) which leads the government’s efforts to improve cyber security and is part of the Australian Signals Directorate (ASD) - an agency in the defence portfolio.
“We're serious about making Australia the most cyber-secure country in the world by 2030,” said Clare O’Neil, minister for home affairs and cyber security, on Twitter. “That means we [are] appointing a new national coordinator to lead Australia's cyber security responses to cyber attacks.”
The coordinator is also set to oversee the government’s cyber security investment strategies and lead the government response to cyber attacks, according to Reuters.
At the same time, the government has released a discussion paper to guide the development of its new cyber security strategy. It’s currently seeking feedback on proposed policies and included a number of questions hinting at the direction it’s looking to take.
This includes the potential formation of a Cyber Security Act, prohibiting businesses or insurers from making ransom payments, and creating a single portal for businesses to report cyber attacks.
It’s also mulling greater engagement between ASD and ACSC, and organisations that experience a cyber attack to allow more information to be shared without the data being shared with regulators.
For now, details of the potential policies aren’t entirely clear. More information about how the policies may look will come after the 15 April 2023 deadline for responses.
“For businesses these days, cyber security is as important and essential as the shop having a lock on the door,” said prime minister Anthony Albanese. “We need all Australian businesses to be able to protect themselves and – just as importantly – protect their customers.”
In December 2022, O’Neil revealed that Australia was planning to be the most cyber-secure country by 2030, and would proactively hunt hackers as part of this strategy.
She highlighted the Optus and Medibank cyber attacks, underlining that those events needed to be used as a way to bring in a permanent cyber security change in the country.
O’Neil formally launched the programme to develop the nation’s Cyber Security Strategy, looking to help the nation strengthen its critical infrastructure and government networks.
