Smart devices face tougher cybersecurity rules under new laws

The Nightly

2 Min Read

3 hours ago

Handsome young man setting smart watch while sitting at the desk in creative office Credit: F8 \ Suport Ukraine - stock.adobe.com

All smart devices including watches, fridges and televisions would have to meet minimum cybersecurity standards under new laws the Government hopes will better protect Australians and businesses.

The new regime will also make it mandatory for some businesses to report if they pay a ransom to hackers.

The Government will establish an expert panel to review serious or unusual cybersecurity breaches to give it oversight of risks and the ability to see whether there are patterns of attacks.

Get the first look at the digital newspaper, curated daily stories and breaking headlines delivered to your inbox.

By continuing you agree to our Terms and Privacy Policy.

Home Affairs and Cybersecurity Minister Tony Burke will introduce the nation’s first standalone cybersecurity act to Parliament on Wednesday aimed at strengthening the security environment and better protecting critical infrastructure.

He said it was long overdue.

“Australians love the convenience of smart devices at home, but consumers need to know that smart devices are still safe devices,” he said.

“This legislation ensures we keep pace with emerging threats, positioning individuals and businesses better to respond to, and bounce back from cyber security threats.”

Minister for Employment Tony Burke at a press conference at Parliament House in Canberra, Wednesday, July 17, 2024. (AAP Image/Mick Tsikas) NO ARCHIVING — Home Affairs and Cybersecurity Minister Tony Burke will introduce the nation’s first standalone cybersecurity act to Parliament on Wednesday aimed at strengthening the security environment and better protecting critical infrastructure. Credit: MICK TSIKAS/AAPIMAGE

The minister said businesses had been consulted extensively over the new laws because while the Government had to lead the way on cybersecurity, it could not do it alone.

“To achieve Australia’s vision of being a world leader in cyber security by 2030, we need the unified effort of government, industry and the community,” he said.

The legislation also gives the Government power to direct operators of critical infrastructure across sectors including communications, financial markets, Defence industry, groceries, transport and utilities such as power, water and sewerage, to address serious deficiencies in their risk management programs.

It ensures the Government can step in as a last resort to manage the consequences of significant cyberattacks in these sectors.

This could involve ordering companies to hand over information or the minister directing them to take or refrain from certain actions in the case of a serious incident.

Last year, Australians reported nearly 94,000 cybersecurity threats, or one every six minutes. The Australian Signals Directorate became involved in responding to more than 1100 incidents.

The country has grappled with a string of high profile cybersecurity incidents over the past couple of years including data breaches at Optus, Medicare and even parliamentary networks.