AICD makes submission on proposed cyber security reforms

Monday, 30 August 2021

The AICD has made a submission to the Department of Home Affairs led consultation on proposed reforms regulatory to strengthen the cyber security of Australia’s digital economy.

The AICD is supportive of measures to strengthen cyber security and resilience, including governance and accountability practices across Australian businesses. The AICD’s view is that a partnership between government and industry has the best opportunity to result in significant improvements in cyber resilience across organisations of all sizes.

The AICD submission focuses on the proposal for cyber security governance standards for large businesses. The AICD does not support the introduction of a mandatory cyber security governance standard. Existing directors’ duties include an obligation to act with due care and diligence and this obligation appropriately covers emerging risks, such as cyber security. A mandatory standard would be a costly additional regulatory burden that may do little to improve cyber resilience but rather add to the existing complex patchwork of requirements that face large businesses in Australia.

The AICD supports in-principle a voluntary standard co-designed with industry that focuses on conveying fit-for-purpose guidance in a non-prescriptive manner. For a voluntary standard to drive genuine benefits, it should be principles based and preserve organisational flexibility to respond dynamically to the evolving nature of cyber security risk. Importantly, the standard should avoid overlap, replication or conflict with existing obligations and requirements.

Latest news

This is of of your complimentary pieces of content

This is exclusive content.

You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.