AUSTRALIA Trends and Developments Contributed by: Dennis Miralis and Jack Dennis, Nyman Gibson Miralis
Nyman Gibson Miralis Level 9, 299 Elizabeth Street Sydney NSW 2000 Australia Tel: +61 292 648 884
Email: dm@ngm.com.au Web: www.ngm.com.au
Introduction Since releasing the 2023-2030 Australian Cyber Security Strategy (the “CS Strategy”) on 22 November 2023, the Australian government has pursued sweeping reforms to address the gaps in cybersecurity. The government aims to become “a world leader in cybersecurity by 2030”; however, the effectiveness of these actions and reforms still remains to be seen. For 2025, the actual impact of the 2024 reforms remains to be seen in the still-patchwork style legislative landscape and the Australian gov - ernment continues to play catch-up with both technology and other countries as it with an eyes the “frontier”. The CS Strategy is aimed at strengthening Aus - tralia’s cyberdefences and supporting people and businesses to be resilient to and recover quickly from cyber-attacks. Grounded in the 2023-2030 Australian Cyber Security Strategy: Action Plan (the “Action Plan”), the CS Strategy is planned out across three “Horizons” targeting six “shields” or “layers of defence”. Currently, Australia is in the final (albeit second) year of Horizon 1 (“Strengthen our foundations”) where - by it is aiming to address critical gaps, build protections and support “initial cyber maturity uplift”, with the government’s performance tar - get being 75% of department-led activities to
be on track. The government is setting itself up for Horizon 2 (“Expand our search”) come 2026, which aims to scale cyber maturity across the whole economy, make investments and grow a diverse cyber workforce. In its pursuit of the cyber frontier, the Australian government introduced the Cyber Security Bill 2024 (Cth) as part of the Cyber Security Leg - islative Package 2024, involving a number of updates to existing legislation. This bill is Aus - tralia’s first standalone cybersecurity legislation, but reflects largely what has been seen in the UK, Europe and other jurisdictions. This reform occurred in a long line of changes that have pre - ceded 2024. Overall, 2024 can be categorised as another year of change for the cybersecurity space, illustrating the fast pace of the technolo - gies and malicious actors, the delayed yet quick - ening pace of the government, and the inherent but necessary gap between implementation and enforcement to accommodate the slow adoption of these laws and regulation throughout many industries. Despite the success of law enforcement, such as Operation Cronos, cyber vulnerabilities are becoming more and more critical, as demon - strated by ransomware attacks such as against UnitedHealthGroup in February 2024 or even
30
CHAMBERS.COM
Powered by FlippingBook