Australia is launching a new cybersecurity agency to boost its defences against the threat posed by hackers. The agency will be overhauling the country’s cybersecurity rules following high-profile, costly attacks on telecoms network Optus and health insurance provider Medibank.
Prime Minister Anthony Albanese said that Australia must increase its investment in cybersecurity as countries around the world battle a growing array of threats.
Australian government announces cyber agency
Albanese said the Australian government is facing up to the challenge posed by “state-sponsored attacks, which are equivalent to stealing classified information”, as well as other common types of attacks such as ransomware campaigns.
The new cyber rules will see a new cyber agency launched alongside a cybersecurity national supervisor. The agency will oversee government investment in the field and help to coordinate responses to cyberattacks. The supervisor will be supported by a national office within the department of home affairs, tasked with coordinating cross-departmental cooperation during a cyberattack.
Australia has also published a discussion paper detailing plans for a new cybersecurity strategy, seeking feedback from businesses on better collaboration between the private sector and the government in the event of a cyberattack.
Albanese used the talks to highlight Australia’s need to level up its cybersecurity. “As a nation, it is simply not at the level we need them to be,” he said. “This is a really fast-moving, rapidly evolving threat, and for two years Australia has been [behind] the pace.”
Current cybersecurity rules in Australia are “a patchwork of policies, laws and frameworks that are not keeping with the challenges presented by the digital age,” said Clare O’Neil, minister for home affairs and cybersecurity. “Voluntary measures and poorly executed plans will not get Australia where we need to be to thrive in the contested environment of 2030,” she added.
Australia’s cybersecurity goals
O’Neil used the opportunity to discuss Australia’s goals in cybersecurity. “To achieve our vision of being the world’s most cyber-secure country by 2030, we need the unified effort of government, industry and the community,” she said. “Together we can equip our community to reduce the number and impact of cyber incidents through improved cyber hygiene and provide clear advice on how to respond confidently when they occur.”
The cyber overhaul comes in the wake of a series of devastating attacks on Australian companies, which saw huge amounts of data stolen.
Medibank, an Australian private healthcare insurer, suffered a cyberattack last year, resulting in the loss of 200GB of personal data from patients. This was particularly serious as the data included the location of customers, their diagnoses, as well as credit card data.
The Medibank attack came weeks after a serious cyberattack on Optus, which saw 2.8 million customer records exposed, making it one of the most devastating attacks in Australian history.