Government announces new cyber security measures, with small business focus

The Albanese government has recently announced a range of new cyber security measures, noting the rapid digitalisation across the economy over the past few years and increasing vulnerability due to cyber-attacks.                                                                                           

To meet the Government’s aspiration to make Australia the most cyber-secure country in the world by 2030, all Australian businesses will need to increase their cyber security preparedness and resilience in coming years.  

This will require retailers to invest in cyber security and develop effective risk management strategies, in addition to addressing the significant challenges and economic pressures already faced by our industry, and smaller retailers in particular.  

The ARA has produced a suite of comprehensive resources providing guidance on cyber security threats faced by the retail sector and effective risk management strategies. These insightful OnDemand discussions are available at retail.org.au/cybersecurity.                                  

2023-2030 Australian Cyber Security Strategy 

On 22 November 2023, the Government released the 2023-2030 Australian Cyber Security Strategy. The Strategy is a roadmap which will guide Australia towards becoming a world leader in cyber security by 2030. The Strategy seeks to improve cyber security capabilities, manage cyber risks, and better support Australian citizens and businesses to engage with the cyber environment around them using six cyber shields: 

  1. Strong businesses and citizens
  2. Safe technology
  3. World-class threat sharing and blocking
  4. Protected critical infrastructure
  5. Sovereign capabilities
  6. Resilient region and global leadership 

The Strategy seeks to shift cyber security from a technical topic to a ‘whole-of-nation’ conversation, focusing on creating strong partnerships to deliver tailored support and better outcomes for Australian communities and businesses. 

You can find out more here

 

Cyber Security Strategy Action Plan 

The Government’s Cyber Security Strategy Action Plan supplements the Strategy and translates the commitments and initiatives within the Strategy into immediate actions. To ensure the initiatives are delivered, the Government will: 

  1. Allocate resources to strategy implementation and governance 
  2. Define clear accountabilities for delivery
  3. Continue close consultation with industry and the community
  4. Conduct robust evaluation of progress
  5. Adapt the plan in response to changes in the cyber landscape 

In addition to the Strategy and Action Plan, the Government will also release a Consultation Paper to work directly with industry to inform proposed legislative reform on new initiatives to address gaps in existing laws, and amendments to the Security of Critical Infrastructure Act 2018 to strengthen protections. This consultation will remain open until March 2024. 

The ARA welcomes the collaborative approach taken by the Government with respect to engaging in close consultation and co-design wherever possible. The ARA supports the establishment of the proposed Executive Cyber Council of industry leaders to enable broader collaboration on national cyber security priorities and the initiatives of the Strategy.  You can find out more here

 

Cyber Health Check and Small Business Cyber Resilience Service 

Under the Strategy, two new programs will provide support to businesses including a $7.2 million cyber health check program that allows businesses to undertake a free ‘check-up’ of their cyber security maturity and access educational tools and materials, and a $11.1 million Small Business Cyber Resilience Service businesses can call for assistance with recovery from a cyber-attack. 

 

Cyber Wardens

The new programs complement a $23.4 million Cyber Wardens program that helps small businesses manage cyber-attacks. The program educates and empowers small business owners to protect their workplace and build cyber resilience. The program is delivered by the Council of Small Business Organisations Australia and will result in up to 60,000 Cyber Wardens being trained over the next three years.  

 

Cyber Threat Report 

The new cyber security measures will assist businesses to mitigate the cost of cyber crime. Cyber-attacks harm businesses by causing significant financial and reputational damage, particularly at a time when they are already facing economic pressures.  

According to the Australian Signals Directorate’s Cyber Threat Report, the cost of cyber crime to businesses increased by 14 per cent in the 2022-23 financial year as compared with the previous financial year. Small businesses experienced an average financial loss of $46,000, while cyber crime cost medium sized businesses an average of $97,200. It is therefore imperative for retailers to proactively manage risk with respect to cyber crime.  

 

ARA Cyber Security Resources 

The ARA supports the Government’s commitment to make Australia the most cyber-secure country in the world by 2030, and is equally committed to ensuring the retail industry builds its cyber security preparedness, capability and resilience in coming years. Find out more about what the ARA is doing to support members at www.retail.org.au/cyber-security. 

SHARE THIS ARTICLE

FURTHER READING

NSW ANZAC Day trading restrictions legislated

On 15 August 2024, the NSW government passed new legislation that will ban trade on the ANZAC Day public holiday for all national retailers operating in NSW. Taking effect from

ARA Leasing Issues for FY25

Purpose/Overview The ARA’s Leasing and Franchising Committee members have pulled together their collective top Retail Leasing concerns/issues for FY2025 – being the matters that Retailers should currently look out for