Australia’s infosec industry is lobbying for a mandatory security baseline to ensure basic IT standards are met across the country, with penalties issued to those that don’t comply.
Australia’s infosec industry is lobbying for a mandatory security baseline to ensure basic IT standards are met across the country, with penalties issued to those that don’t comply.
As reported by IT News, the Australian government is looking to revamp its outdated cybersecurity strategy, prompting a number of organizations to weigh in on the issue. The Australian Information Security Association (AISA) has released a public response that proposes a mandatory baseline for security standards, as well as support for small to medium businesses to reach a basic level of IT security.
AISA is Australia’s primary infosec representative body, consisting of more than 3,000 members which named poor information sharing, lack of investment in security and failure at an executive level to recognize security risks as the top challenges for Australian organizations.
The members hope to encourage the adoption of improved security controls with a regulatory “push”, calling for greater penalties where data security failures occur.
“There is also wide support for increased enforcement and penalties for non-compliance with agreed baselines where private information is concerned or where such enforcement would be regarded as for the public good,” said the AISA response.
Also responding to the government’s strategy update, the Communications Alliance is lobbying for the consolidation of Australia’s cybersecurity into one lead agency, ending what it deems as a ‘piecemeal’ approach to dealing with security issues.
Meanwhile, Australia’s federal government issued a warning earlier this month over a spate of recent website hacks claiming to have links with extremist group ISIS.
