Redefining cyber readiness
Are you really prepared?
New laws, and new expectations of what cyber readiness means for you
The Australian Parliament passed a suite of new laws in November 2024 to drive cyber resilience.
Australia's first Cyber Security Act along with updates to the Security of Critical Infrastructure and Intelligence Services laws are just one part of the Australia's 2023-2030 Cyber Security Strategy – an agenda to build systemic cyber resilience.
They include ransom payment reporting, new security standards for smart (IoT) devices, limits on how cyber agencies use information, and the creation of a Cyber Incident Review Board, as well as amendments to security of critical infrastructure laws.
To really prepare for the impact of the legislation however, you need to do more than react to the legislation.
Let's face it - a cyber-attack is inevitable. How your organisation responds to a major incident and how your CEO and Board responds is critical – and how you respond is constrained by what you have done to prepare.
At Ashurst, we understand clients need more than legal advice – they need holistic solutions to navigate the complexities of conducting businesses globally, to help reduce risk and promote business performance and success. Our global teams of legal, Risk Advisory and Ashurst Advance professionals work side by side to deliver a seamless service, bringing together the technical expertise and critical thinking required to operationalise laws and regulations.
Our insights look at the new legislation, regulator expectations and the bigger picture – how you can really prepare.
Interested in learning more?
Redefining cyber readiness – Australia passes its first Cyber Security Act
Updates on the new cyber laws and commencement dates, and 3 cyber uplift activities you need to do to address the laws, as well as the underlying cyber risks.
Navigating the new laws
Redefining cyber readiness – Three ways to outpace Australia's new cyber laws
Insights on building the cyber readiness expected by regulators, the market and public - and to navigate an increasingly hostile cyber threat environment.
How to prepare
Changes to the SOCI Act are on the horizon
We explore the two key changes that could have a significant impact on how entities make decisions regarding their SOCI compliance.
Read more on the SOCI ActMore from this series
A clearer picture of the coming Cyber Security Bill and critical infrastructure reforms
Read more about what to expect to see from the upcoming Cyber Security Bill and critical infrastructure reforms.
Australia's cyber strategy – a bold regulatory reform agenda
Discover more about the 2023-2030 Australian Cyber Security Strategy and how to prepare.
Typhoon Warning: an urgent cyber warning from international cyber agencies
Learn more about Volt Typhoon, a cyber threat actor actively and successfully targeting US critical infrastructure.
Blue Screen of Death: Global CrowdStrike outage is a call to action
10 key legal and risk takeaways from the CrowdStrike outage, and its impact on organisations across the world.
Key contacts
This publication is a joint publication from Ashurst Australia and Ashurst Risk Advisory Pty Ltd, which are part of the Ashurst Group.
The Ashurst Group comprises Ashurst LLP, Ashurst Australia and their respective affiliates (including independent local partnerships, companies or other entities) which are authorised to use the name "Ashurst" or describe themselves as being affiliated with Ashurst. Some members of the Ashurst Group are limited liability entities.
Ashurst Australia (ABN 75 304 286 095) is a general partnership constituted under the laws of the Australian Capital Territory.
Ashurst Risk Advisory Pty Ltd is a proprietary company registered in Australia and trading under ABN 74 996 309 133.
The services provided by Ashurst Risk Advisory Pty Ltd do not constitute legal services or legal advice, and are not provided by Australian legal practitioners in that capacity. The laws and regulations which govern the provision of legal services in the relevant jurisdiction do not apply to the provision of non-legal services.
For more information about the Ashurst Group, which Ashurst Group entity operates in a particular country and the services offered, please visit www.ashurst.comThe information provided is not intended to be a comprehensive review of all developments in the law and practice, or to cover all aspects of those referred to.Readers should take legal advice before applying it to specific issues or transactions.