Geo-Specific , Governance & Risk Management , Standards, Regulations & Compliance
Australia Centralizes Government Cybersecurity Response
Home Affairs Minister Clare O'Neil Dings Cybersecurity Law as 'Bloody Useless'The Australian government says it will centralize its approach to securing federal agencies by appointing a coordinator to head the new National Office for Cyber Security within the Department of Home Affairs.
See Also: Meeting the Mandate: A Proactive Approach to Cybersecurity Compliance and Incident Reporting
The appointment comes after the country down under experienced back-to-back major data breaches. Medibank, Australia's largest private health insurer, saw Russia-based ransomware hackers dump gigabytes' worth of stolen health claims online, while telecommunications company Optus suffered a data breach affecting approximately 10 million people. The government of Prime Minister Anthony Albanese has since vowed it will transform into "the world’s most cyber-secure country by 2030" (see: Australia Aims to Be World's 'Most Cyber-Secure' Country).
"For businesses these days, cybersecurity is as important and essential as the shop having a lock on the door. We need all Australian businesses to be able to protect themselves and their customers," Albanese said.
Clare O'Neil, minister for home affairs and for cybersecurity, announced the appointment in an early-morning appearance at ABC's AM radio. "We arrived in government finding a real mess in cybersecurity. What we saw was different parts of government and the private sector doing important things but all rowing in different directions," she said.
The cybersecurity coordinator will direct government's cybersecurity spending and help manage cyber incidents.
"We are in the process of advertising for that role so we are looking at something over the next month," she said when asked how long it would take to fill the new role.
Albanese announced the new plan at a roundtable event where he called on business leaders and independent experts to share their views on a discussion paper that will be finalized into a strategy paper intended to guide the next decade of cybersecurity policy.
O'Neil previously spoke about a "whole-of-nation approach" to cybersecurity in December when she announced the appointment of an Expert Advisory Board, chaired by former Telstra CEO Andrew Penn, to assist and advise the government on the development of the new cybersecurity strategy.
O'Neil also said the Australian statute governing engagement with the private sector needs revision, singling out the Security of Critical Infrastructure Act 2018 for criticism.
"That law was bloody useless - like, not worth being printed on the paper - when it came to actually using it in a cyber incident," she said on ABC.