Australia's Cyber Security Bill 2024, effective May 30, mandates that companies with a turnover exceeding AUS $3 million report any ransomware payments within 72 hours. Although paying ransoms is not illegal, the Australian Signals Directorate (ASD) advises against it, underscoring the need for transparency in cybercrime incidents. The initial six-month grace period allows businesses to adapt to these requirements, with more stringent enforcement starting in 2026. This legislation aims to help the government amass data on ransomware attacks and the business impact, thereby facilitating more informed policymaking in the future.
Australia's new Cyber Security Bill 2024 mandates that large companies must report ransomware payments to the government within 72 hours to combat rising cybercrime.
The Australian government seeks to gather data on ransomware incidents to understand trends, assess the scale of the problem, and inform potential future legislation.
With a grace period for compliance, companies exceeding AUS $3 million in turnover will need to provide detailed reports of cyber incidents and ransom payments.
The legislation aims to promote transparency in ransomware activities, with non-compliance potentially leading to significant fines starting in 2026.
Collection
[
|
...
]