Holman Webb Lawyers | News & Publications

New obligations to report cyber incidents - critical infrastructure

Tuesday 5 July 2022 / by Tal Williams posted in Business, Corporate & Commercial Technology Law Cyber Attack Data Breach Ransomware Attack Essential Eight Critical Infrastructure Assets Mandatory Cyber Incident Response Requirements Cyber Security Incident Reporting

With the increasing prevalence of malicious cyberattacks, new regulations have been introduced to ensure that the government has knowledge of cyber incidences affecting specific entities in the following industries:

electricity
communications
data storage or processing
financial services
water
healthcare and medical
higher education and research
food and grocery comment transport
space technology

By implementing a mandatory reporting regime, the government seeks to strengthen the security and resilience of critical infrastructure, by empowering the relevant authorities to more immediately address critical cyber incidents - and to develop responses and protections to minimise the risk of future incidents occurring.

Ignore Cyber Protection – Pay the Price: Australian Securities and Investments Commission v RI Advice Group Pty Ltd [2022] FCA 496

Thursday 12 May 2022 / by Tal Williams posted in Banking & Finance Business, Corporate & Commercial Technology Law Cyber Security ASIC Essential Eight

It has happened: a company that failed to implement proper cyber security measures in Australia has been taken to court by the regulators, with the company ordered to pay costs of $750,000.

In the matter of the Australian Securities and Investments Commission v RI Advice Group Pty Ltd [2022] FCA 496, the Court found that a financial services provider had breached its licence obligations, and failed to act efficiently or fairly by not having in place adequate risk management systems to cater for risks arising in relation to cyber security.

The Importance of Staff Training and Cyber Security Vigilance

Thursday 15 July 2021 / by Tal Williams posted in Business, Corporate & Commercial Wills & Estate Planning Technology Law Australian Cyber Security Centre Essential Eight Cyber-Crime Scams Cyber Security Cyber-Attack Staff Training

In a recent article, Holman Webb highlighted the importance of the Essential Eight mitigation strategies recommended by the Australian Cyber Security Centre (ACSC) which, if implemented, minimises the chance of an organisation falling victim to a cyber-attack.

With this in mind, we thought it timely to remind readers of the importance of staff training and cyber-security vigilance.

Cyber Security: The Essential Eight Strategies to Protect Your Business

Thursday 17 June 2021 / by Tal Williams posted in Business, Corporate & Commercial Technology Law Cyber Security Essential Eight Government Security Committee Parliamentary Committee Report into cyber resilience Australian Cybersecurity Centre

Readers will recall from an article Holman Webb published back in 2018 that the Australian Cybersecurity Centre recommended eight best-practice mitigation strategies (the 'Essential Eight') that organisations should implement as a baseline defence against targeted cyber intrusions, ransomware and malicious insiders.

These strategies may seem relatively straightforward to those working within the IT industry, but the failure of organisations to implement the strategies (including government instrumentalities) has moved the Australian government to consider mandating the implementation of the Essential Eight controls, and requiring all public service entities to implement them forthwith.