ACS Welcomes Cybersecurity Review, Proposes Minimum Data Security Standard
The Australian Computer Society (ACS), representing over 35,000 workers, welcomes the government's call for reform of cybersecurity and privacy regulation following the recent Optus data breach. ACS sees this review as an opportunity to modernise Australia's technology legislation framework to protect citizens and enable global competitiveness.
ACS proposes a consultative approach to implement a minimum standard for data security, covering various threats and malicious acts, including internal staff behaviour. This standard should be enforced with substantial penalties for non-compliance, with fines commensurate to the size of the breach. ACS also recommends considering tokenised payment gateways and identity gateways to reduce data storage risks.
Chair of the ACS Cyber Security Committee, Louay Ghashash, suggests that the minimum security standard requirement for every Australian company is compliance with the Privacy Act 1988. This act mandates the protection of personal data through appropriate security measures and data handling practices, including implementing reasonable technical and organizational safeguards to prevent unauthorized access, disclosure, or misuse of personal information.
ACS looks forward to collaborating with the Albanese government, particularly Ministers Gallagher, Rowland, and Husic, to develop a 21st-century digital economy legal framework. They are keen to work with key ministers in cybersecurity, technology, and telecommunications to ensure Australia's cybersecurity and privacy regulations are robust, modern, and enable global competitiveness.
