AGL Energy, an Australian company, has urged the federal government to set a better example in cybersecurity by strengthening its systems, achieving mandated maturity levels, and sharing threat intelligence with the community.
In a submission to the Australian cyber security strategy discussion paper, AGL expressed concern about the government's difficulties in implementing essential controls and emphasized the need for government entities to lead in adopting better cybersecurity practices. AGL called for accelerated hardening of government systems, acknowledgment of areas where improvements are needed, and proactive action to address identified shortcomings. The company also proposed that the government declassify and share threat intelligence, establish an information-sharing network, conduct structured reviews after major incidents, and address the shortage of cybersecurity professionals through various interventions. AGL further suggested the implementation of a cybersecurity accreditation scheme for procured products and services, ensuring security by design and ongoing support. While supporting the harmonization of cybersecurity laws under a single Cyber Security Act, AGL opposed a complete ban on ransom payments, citing potential catastrophic consequences in certain circumstances where paying a ransom might be the only viable option for achieving acceptable outcomes.