What lawyers want from the new Minister for Cyber Security
Earlier this week, Clare O’Neil MP was sworn in as Minister for Home Affairs and Cyber Security. Lawyers Weekly subsequently spoke with senior lawyers specialising in cyber matters about what is needed for their clients in the coming term of Parliament.
Ms O’Neil – who was sworn in alongside the new Attorney-General, Mark Dreyfus QC (following Senator Katy Gallagher’s interim stint in the role) – succeeds former minister Karen Andrews in the cabinet portfolio.
This is especially pertinent, Herbert Smith Freehills partners Christine Wong, Cameron Whittfield and Peter Jones said, given that we “remain in the eye of a perfect storm”.
“We continue to face a highly complex and dynamic threat landscape. We also have an increasingly complex regulatory landscape impacting Australian businesses that are proving challenging to secure,” the trio told Lawyers Weekly.
“While we are seeing cyber issues become a regulatory priority (they are certainly a key business risk), we are still operating in an environment that lacks certainty around ‘what constitutes good practice’. These issues are consistent across the global landscape.”
The recent RI Advice case is a good example, Ms Wong, Mr Whittfield and Mr Jones went on, where the Federal Court did not provide the judicial guidance we were hoping for (largely given the manner in which that case settled, they added).
“It is very encouraging to see the new government prioritise cyber and make this a key ministerial portfolio. We would like to see the government assist in ‘simplifying’ the cyber regulatory landscape and providing clear guidance to corporate Australia (from small/medium businesses through to large listed entities) on best practice,” they espoused.
“The Australian government has an opportunity to lead in this space, as it did with the critical infrastructure reforms. Many of the laws in place now are agile enough to manage cyber risks, but we believe clear and practical guidance will go a long way to facilitating cyber resilience uplift across the board. We are only as strong as our weakest link, so it is in everyone’s interest to ‘lift the tide’.”
Allens partner Valeska Bloch said that, in order for lawyers such as herself to better support clients, Minister O’Neil needs to prioritise two things: cyber readiness and incident response.
On the former, Ms Bloch said that “given that so many regulators now want to regulate cybersecurity and incident response activities, greater alignment/standardisation of expectations and audits between regulators”.
On the latter, she said that “in the midst of responding to a cyber crisis would benefit from more streamlined interaction with government agencies. There will be benefit in building a greater understanding of how Home Affairs and relevant government agencies (e.g., the ACSC), law enforcement (including JPC3 and state cybercrime units) and regulators (potentially the OAIC, APRA, ASIC, FIRB etc) intend to coordinate (on their end) their engagement with (and support of) organisations affected by a major cyber incident, so as to minimise the touchpoints for organisations when they are in the heat of a crisis and a lot of urgent issues to tend to”.
Elsewhere, Clyde & Co partner Alec Christie said there is a need for “real and meaningful” consultation with industry and stakeholders under the new government.
That is, he said, “not having two weeks to make comments on draft legislation (to which industry has had no prior input)”.
Moreover, Mr Christie went on, “an overarching approach to assist uniformity and consider how best to achieve the goals with the least complication and complexity (i.e., not new regulation for regulations’ sake … can we use adapt a regulation we already have)”.
“Privacy and cyber regulation should not be so complicated that only a few know what their obligations are and how to implement them,” he submitted.
Clyde & Co principal Chris Mclaughlin supported this, arguing for new apprenticeship schemes for cyber, for those who do not attend university. He also suggested the creation of a “broad Cybersecurity Advisory Board, beyond the usual suspects that get included”, as well as simplified and broader access to Cyber Threat Intelligence.
Jerome Doraisamy
Jerome Doraisamy is the editor of Lawyers Weekly. A former lawyer, he has worked at Momentum Media as a journalist on Lawyers Weekly since February 2018, and has served as editor since March 2022. He is also the host of all five shows under The Lawyers Weekly Podcast Network, and has overseen the brand's audio medium growth from 4,000 downloads per month to over 60,000 downloads per month, making The Lawyers Weekly Show the most popular industry-specific podcast in Australia. Jerome is also the author of The Wellness Doctrines book series, an admitted solicitor in NSW, and a board director of Minds Count.
You can email Jerome at: