The Australian Government recently opened the floor to public involvement as to the manner of strengthening the cybersecurity of Australia’s digital economy. Interested stakeholders are encouraged to prepare submissions to the Strengthening Australia’s Cyber Security Regulations and Incentives discussion paper.
This discussion paper ties into Australia’s 2020 Cyber Security Strategy to deal with issues of cybersecurity regulation. With concerns over ransomware, terrorism and breaches in Australia’s infrastructure, it comes as no surprise that the government is seeking public and business recommendations on how to combat these issues. Most notably, this discussion paper aims to address the shared responsibility of governments, businesses, and the wider community, as well as the best way to ensure business and consumer safety when dealing with goods or services online.
The paper is seeking recommendations on the following areas:
- Setting clear cybersecurity expectations:
- Increasing corporate governance standards with particular focus on accountability for directors and executives;
- Minimum security standards for personal information; and
- Uplifting security standards for smart devices.
- Increasing transparency:
- Cybersecurity labelling for smart devices to better identify the level of security implemented;
- Software vulnerability disclosure policies to aid detection and remedy of online vulnerabilities; and
- Cyber health checks for small businesses to address cyber risk management.
- Protecting consumer rights:
- Clear legal remedies for consumers affected by cybersecurity incidents – this will involve amending both the Australian Consumer Law as well as the Privacy Act 1988 (Cth).
If Australia aims to become “a leading digital economy by 2030” these measures need to be introduced to protect businesses and consumers. Especially after the impacts of COVID-19, hundreds of local businesses have already migrated online, and it will only be a matter of time before digital breaches hamper economic growth and online security.