Australia: Introduced Cyber Security Bill 2024 (Bill No. 116/24)

On 9 October 2024, the Cyber Security Bill was introduced in the Australian House of Representatives. The Bill applies to manufacturers, suppliers, and entities involved in cybersecurity activities, including those that pay ransomware and produce or distribute smart devices. The Bill imposes several obligations, including compliance with security standards for smart devices, a requirement for impacted entities to report ransomware payments within 72 hours, and restrictions on the use of incident information. Additionally, it establishes a Cyber Incident Review Board to analyse major breaches and recommend improvements.