iTnews

AWS cautions gov against rushing in more cyber security regulations

By Justin Hendry on Oct 11, 2021 6:29AM
AWS cautions gov against rushing in more cyber security regulations

Before suite of existing reforms have had the chance to mature.

Amazon Web Services has urged the federal government to hold off imposing any further cyber security regulations on businesses before a range of other recent reforms come into effect.

The hyperscale cloud provider made the comments in its response [pdf] to a proposal that would impose either voluntary or mandatory cyber security governance standards on companies.

“We caution against the introduction of additional measures…before existing reforms have been properly implemented, matured and evaluated,” AWS said in a submission to the Department of Home Affairs consultation.

“This process is critical for ensuring that any new policies are based on evidence; [are] consistent and complementary to existing policies; and are addressing a genuine policy gap.”

The comments, made by AWS A/NZ head of public policy Roger Somerville, follow a jam-packed 12 months of cyber security reforms in the wake of the government’s 2020 cyber security strategy.

Since August 2020, the government has introduced and passed controversial online account takeover powers in eight months, passed the Online Safety Act, and begun a long-awaited review of the Privacy Act.

It has also introduced the Security Legislation Amendment (Critical Infrastructure) Bill 2020, which will give the government the controversial power to defend networks of critical infrastructure providers under cyber attack as a "last resort".

Last week, the Parliamentary Joint Committee on Intelligence and Security recommended those last resort powers be "swiftly legislated", while consideration of other components of that bill are pushed back.

AWS said that many of the reforms were "substantial and meaningful" and would have “a significant impact on building Australia’s cyber security and boosting confidence in the digital economy”.

“However, these reforms need time to take effect – and impacted entities allowed sufficient time for implementation – before the introduction of any new regulatory instruments or initiatives," it said.

AWS has therefore asked that “existing reforms, frameworks and program… be allowed space to be implemented, matured and evaluated before the introduced of addition regulatory measures”.

It has similarly urged the government to simplify and harmonise the regulatory environment to help improve understanding of cyber security expectations in both business and government.

“As noted in the discussion paper, [there are] at least 51 Commonwealth, state and territory laws that create, or could create, some form of cyber security obligation. Consequently, the risk of confusion, conflicting or overlapping regulations is high,” Somerville said.

AWS was also one of a number of businesses to oppose plans to hold company directors accountable for failing to manage cyber risks, which it believes is already part of a director’s duties.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
awscybercyber securitygovernmentrisksecurity

Partner Content

Security "mindset shift" needed to protect organisations
Promoted Content Security "mindset shift" needed to protect organisations
5 essential digital transformation ideas
Promoted Content 5 essential digital transformation ideas
Top 5 Benefits of Managed IT Services
Promoted Content Top 5 Benefits of Managed IT Services
Alienated from your own data? You’re not alone
Promoted Content Alienated from your own data? You’re not alone

Sponsored Whitepapers

Planning before the breach: You can’t protect what you can’t see
Planning before the breach: You can’t protect what you can’t see
Beyond FTP: Securing and Managing File Transfers
Beyond FTP: Securing and Managing File Transfers
NextGen Security Operations: A Roadmap for the Future
NextGen Security Operations: A Roadmap for the Future
Video: Watch Juniper talk about its Aston Martin partnership
Video: Watch Juniper talk about its Aston Martin partnership
Don’t pay the ransom: A three-step guide to ransomware protection
Don’t pay the ransom: A three-step guide to ransomware protection

Events

  • iTnews Benchmark Awards 2022 - Finalist Showcase
  • 11th Annual Fraud Prevention Summit 2022
  • IoT Impact Conference
  • Cyber Security for Government Summit
By Justin Hendry
Oct 11 2021
6:29AM
0 Comments

Related Articles

  • AWS, Telstra, L'Oreal Australia line up against cyber security director liability plan
  • Second critical infrastructure cyber security bill gets PJCIS green light
  • Second critical infrastructure security bill enters parliament
  • Gov puts forward second critical infrastructure security bill
Share on Twitter Share on Facebook Share on LinkedIn Share on Whatsapp Email A Friend

Most Read Articles

NSW digital driver's licences 'easily forgeable'

NSW digital driver's licences 'easily forgeable'

Kmart Australia re-platforms ecommerce site to AWS

Kmart Australia re-platforms ecommerce site to AWS

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co's 250Mbps and gigabit growth is finally clear

NBN Co sizes up six-figure customer exodus a year to fixed wireless

NBN Co sizes up six-figure customer exodus a year to fixed wireless

Digital Nation

COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
COVER STORY: From cost control to customer fanatics, AI is transforming the contact centre
As NFTs gain traction, businesses start taking early bets
As NFTs gain traction, businesses start taking early bets
The other ‘CTO’: The emerging role of the chief transformation officer
The other ‘CTO’: The emerging role of the chief transformation officer
Case Study: PlayHQ leverages graph technologies for sports administration
Case Study: PlayHQ leverages graph technologies for sports administration
Metaverse hype will transition into new business models by mid decade: Gartner
Metaverse hype will transition into new business models by mid decade: Gartner
All rights reserved. This material may not be published, broadcast, rewritten or redistributed in any form without prior authorisation.
Your use of this website constitutes acceptance of nextmedia's Privacy Policy and Terms & Conditions.