Australia’s first cyber security legislation has been passed by parliament after being approved by the senate.

It comes after the Parliamentary Joint Committee on Intelligence and Security (PJCIS) urged the federal government to swiftly enact the Cyber Security Legislative Package 2024.

The committee’s report emphasises the urgency of adapting to an increasingly hostile digital landscape.

The legislative package includes three key bills: the Cyber Security Bill 2024, the Security of Critical Infrastructure and Other Legislation Amendment (Enhanced Response and Prevention) Bill 2024, and the Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024. 

Together, these aim to deliver the Australian Cyber Security Strategy 2023–2030, which sets the country on a path to meet global standards and establish itself as a leader in cyber resilience.

Designed to address gaps in existing laws, the package proposes measures such as mandatory ransomware payment reporting for businesses, enforcing minimum cyber security standards for smart devices, and empowering the National Cyber Security Coordinator and the Australian Signals Directorate under strictly defined terms. 

Additionally, the legislation introduces a Cyber Incident Review Board and strengthens protections for critical infrastructure, seeking more rapid responses to emerging threats.

The PJCIS report comes after extensive consultation, with over 60 submissions and two public hearings drawing input from industry leaders, government bodies, and civil society groups. 

“Hardening Australia’s cyber resilience and implementing the 2023–2023 Australian Cyber Security Strategy is an urgent priority of the Government and this Parliament,” said Senator Raff Ciccone, Chair of the Committee.

In response to feedback received during the inquiry, the committee put forward 12 recommendations, aiming to ensure the bills are implemented effectively and remain subject to ongoing review. 

Senator Ciccone acknowledged the thorough groundwork laid by the Department of Home Affairs but stressed the importance of incorporating the committee's recommendations to refine the legislation further.

The package not only seeks to safeguard vital systems but also aims to simplify information-sharing between industry and government and enhance government powers to address major security deficiencies. 

It integrates these measures with reforms to the Security of Critical Infrastructure Act 2018, streamlining regulatory oversight and aligning telecommunications security with broader critical infrastructure protections.

With cyber attacks posing growing risks to national infrastructure, businesses, and individuals, the proposed laws represent a proactive step towards securing Australia’s digital future.

Further details, including the full advisory report, can be found on the PJCIS website.

CareerSpot This email address is being protected from spambots. You need JavaScript enabled to view it.