Getting The Deal Through logo
Getting The Deal Through

Cybersecurity

Published: February 2019

Australia


    Expand All / Collapse All

  • 1.

    Summarise the main statutes and regulations that promote cybersecurity. Does your jurisdiction have dedicated cybersecurity laws?

  • 2.

    Which sectors of the economy are most affected by cybersecurity laws and regulations in your jurisdiction?

  • 3.

    Has your jurisdiction adopted any international standards related to cybersecurity?

  • 4.

    What are the obligations of responsible personnel and directors to keep informed about the adequacy of the organisation’s protection of networks and data, and how may they be held responsible for inadequate cybersecurity?

  • 5.

    How does your jurisdiction define cybersecurity and cybercrime?

  • 6.

    What are the minimum protective measures that organisations must implement to protect data and information technology systems from cyberthreats?

  • 7.

    Does your jurisdiction have any laws or regulations that specifically address cyberthreats to intellectual property?

  • 8.

    Does your jurisdiction have any laws or regulations that specifically address cyberthreats to critical infrastructure or specific sectors?

  • 9.

    Does your jurisdiction have any cybersecurity laws or regulations that specifically restrict sharing of cyberthreat information?

  • 10.

    What are the principal cyberactivities that are criminalised by the law of your jurisdiction?

  • 11.

    How has your jurisdiction addressed information security challenges associated with cloud computing?

  • 12.

    How do your jurisdiction’s cybersecurity laws affect foreign organisations doing business in your jurisdiction? Are the regulatory obligations the same for foreign organisations?

  • 13.

    Do the authorities recommend additional cybersecurity protections beyond what is mandated by law?

  • 14.

    How does the government incentivise organisations to improve their cybersecurity?

  • 15.

    Identify and outline the main industry standards and codes of practice promoting cybersecurity. Where can these be accessed?

  • 16.

    Are there generally recommended best practices and procedures for responding to breaches?

  • 17.

    Describe practices and procedures for voluntary sharing of information about cyberthreats in your jurisdiction. Are there any legal or policy incentives?

  • 18.

    How do the government and private sector cooperate to develop cybersecurity standards and procedures?

  • 19.

    Is insurance for cybersecurity breaches available in your jurisdiction and is such insurance common?

  • 20.

    Which regulatory authorities are primarily responsible for enforcing cybersecurity rules?

  • 21.

    Describe the authorities’ powers to monitor compliance, conduct investigations and prosecute infringements.

  • 22.

    What are the most common enforcement issues and how have regulators and the private sector addressed them?

  • 23.

    What penalties may be imposed for failure to comply with regulations aimed at preventing cybersecurity breaches?

  • 24.

    What penalties may be imposed for failure to comply with the rules on reporting threats and breaches?

  • 25.

    How can parties seek private redress for unauthorised cyberactivity or failure to adequately protect systems and data?

  • 26.

    What policies or procedures must organisations have in place to protect data or information technology systems from cyberthreats?

  • 27.

    Describe any rules requiring organisations to keep records of cyberthreats or attacks.

  • 28.

    Describe any rules requiring organisations to report cybersecurity breaches to regulatory authorities.

  • 29.

    What is the timeline for reporting to the authorities?

  • 30.

    Describe any rules requiring organisations to report threats or breaches to others in the industry, to customers or to the general public.

  • Updates and trends

View profile

McCullough Robertson is one of Australia’s leading independent law firms with offices in Sydney, Brisbane, Melbourne and Newcastle. Its Technology, Media and Telecommunications (TMT) practice acts for many public and private customers and suppliers of TMT goods and services.

View more information about McCullough Robertson


Sydney
Level 32
19 Martin Place
NSW 2000
Sydney
Australia
T: +61 2 8241 5609
F: +61 2 8241 5699


Testimonials

Briefing Signup

Sent approximately once a month, the free GTDT Briefing service alerts you of the latest titles to be published on GTDT Online.

Sign up to be notified of new content

Subscribe



Follow Getting the Deal Through for the latest updates on law and regulation worldwide

Follow us on LinkedIn