Industry predictions for 2024: What can the government do to combat cyber crime?

The role of the government when it comes to cyber security cannot be overstated – it sets the pace with regulations and is responsible for many of the agencies that keep Australia safe.

But what else can done?

The industry has some ideas:

Paola Zeni, chief privacy officer at RingCentral

National privacy amendments might be pending, but the time to prepare is now
The Australian government is planning to overhaul national privacy laws and introduce amendments in 2024. These reforms include giving the public more choice and control over how their personal information is collected and used. For businesses, the privacy reforms will provide greater clarity on how to protect personal information, improve trust and foster greater international competitiveness. It’s also likely that privacy exemptions that currently exist for small businesses will end. Given this significant pending change to privacy laws, it will be important for enterprises to evaluate their current compliance standards and prepare to adopt new standards to meet these future obligations. By doing this now, organisations will be better equipped to handle any new amendments that come into force next year.

Rob Dooley (VP APJ) and Sabeen Malik (VP global government affairs and public policy) at Rapid7

Education
Citizens will want to better protect themselves, so we can expect to see more public education awareness campaigns to accelerate greater understanding on the steps individuals can take to be more cyber aware. We will see the larger technology players collaborate with the government to run education programs and infuse cyber into their curriculums. The recent Microsoft and NSW TAFE partnership is a good example. However, it’s important to note that despite these initiatives, there is no one-to-one correlation that just because someone goes through these programs, they will actually choose a career in cyber.

Craig Bates, vice-president of Australia and New Zealand at Splunk

VIEW ALL

Fuelled by the AI boom, data privacy regulation will accelerate
The accelerated adoption and surge of unregulated generative AI has sparked a regulatory race among governments and organisations – and set the stage for a turbulent year ahead. Meanwhile, concerns over how data is collected and its privacy secured are intensifying. As organisations integrate AI into their day-to-day operations, business and technology leaders must comprehend the nature of the data collected and its intended use. While there are undoubtedly beneficial applications of AI, how can one ensure that their IP doesn’t end up in unauthorised hands or legal disputes? It’s questions like this that heighten the need for our policymakers to operate at a faster pace. It would be foolish to avoid the use of AI, so we need to ensure adequate guard rails are in place to safeguard both individual and organisational data. Because ultimately, the success and evolution of AI depend entirely on data itself.

John Kindervag, chief evangelist at Illumio and zero-trust creator

Politicians might finally understand the internet
As a new generation of legislators enters the government, we’ll see more legislation that’s reflective of the current technology landscape. Right now, a significant challenge in technology and cyber legislation is that regulators don’t understand how the internet works. That makes it hard to govern and enforce what happens in the digital world. This new generation will not only have a better understanding of how the internet, and its adjacent technology, works, but they’ll also be able to translate that knowledge into discerning which laws and regulations are meaningful. For example, we can look for this to first play out in the AI regulatory environment, where digital natives are more excited about the opportunities of this technology, while the older generation is more worried about the threats posed by this technology.

Shane Maher, managing director at Intelliworx

Tightening regulations
Anticipated cyber security regulations in 2024 include Australia’s Cyber Security Strategy, heightened data regulation in the UK, and increased consumer laws in the US Regulations offer clear guidelines for incident response, help identify areas for cyber security improvement, and streamline reporting procedures, necessitating effective communication by cyber security professionals.

Tony Jarvis, VP of enterprise security at Darktrace

Governments will get more hands-on fighting ransomware
The single biggest change happening right now is the greater involvement of government regarding ransomware.

The Australian government is now mandating that businesses report ransomware activity so that more can be done – both in terms of understanding the scale of the problem and also coordinating responses with impacted entities. This is Australia-only at this stage, but I expect other neighbouring countries to follow suit or adopt something similar.

I think this is interesting because ransomware has really been a problem since early 2016 and is now a global issue. [The] government is stepping in, meaning public-private cooperation. I expect to see additional government initiatives play out in this space both in Australia and around APAC as neighbouring countries take notice and learn from the efforts of others.

David Hollingworth

David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.