Telecommunications companies face fines of up to $250,000 if they do not take proper steps to head off cyber attacks that have the potential to cripple government agencies and damage businesses.
Attorney-General George Brandis said the laws, which were now out for consultation and will go to the parliament later this year, will ensure the safety of stored and transmitted data for business, individuals and the public sector.
The government estimates the changes will cost the industry about $220,000 a year.
The draft bill obliges about 1600 telcos and related companies, which earn about $43 billion a year, to protect their networks from unauthorised access and interference.
The laws will also require the companies to notify security agencies of key changes to networks and management systems that could adversely affect their ability to protect their networks.
And the Attorney-General's Department secretary will be given direction- and information-gathering powers, enforceable by Federal Court fines of $250,000 for a company and $50,000 for an individual.
Senator Brandis said the power would only be used as a last resort when co-operation could not be achieved.
Explanatory documents that came with the draft bill said there were two risks with the changes.
The first is security agencies dictating what technological and other improvements might be needed if a telco receives an enforceable obligation.
And the second is telcos deciding to wait for a formal notice before co-operating.
Telstra chief risk officer Kate Hughes said the company was examining the draft laws, but had already made significant investments in security.
"We have the necessary expertise and are best placed to manage security issues on our networks, and as such any government intervention should be light touch and principles based," she told AAP.
The Australian Signals Directorate's cyber security operations centre says there were more than 2100 serious cyber incidents in 2013, but thousands more probably went unreported.
In 2013, a cyber security breach into the retailer Target in the United States cost about $148 million, as customers had their credit card details stolen.
The government has rejected the options of a self-regulated industry code or the status quo.
The cost to government will be about $1.6 million a year.
Share
