AustCyber submission: Strengthening Australia’s cyber security regulations and incentives – discussion paper (Department of Home Affairs, August 2021)

We agree that much can be done to further strengthen Australia’s collective cyber security posture and that of individual organisations. We acknowledge the growing threat surface, and specific sources of vulnerability, as outlined by the Australian Government and our allies and security partners, over recent years.

Prior to the COVID-19 pandemic unfolding, cyber security was at a critical inflection point in the Australian economy as both a foundational element of doing business and in its maturity as an industry providing economic benefit as well as delivering the capabilities needed to defend against malicious cyber activity. The pandemic has of course only compounded this, but also afforded the nation an opportunity to better understand the role and practice of cyber security –and its relationship with privacy.

In this submission, we limit our comments to the specific proposals outlined in the Discussion Paper presented by the Department of Home Affairs, Strengthening Australia’s Cyber Security Regulations and Incentives.

In making this submission, we draw attention to the intersecting proposals for amendments to the Security of Critical Infrastructure Act 2018 Cth, currently before the Parliamentary Joint Committee on Intelligence and Security (PJCIS), which has potential implications for supply chains and broad segments of the Australian economy. We are of the view that any measures adopted, as envisaged by the Discussion Paper, should ensure harmonisation. This includes a focus on recognised international standards, with a view to ensuring market entry is facilitated for Australian companies seeking to export to trusted markets.