Compliant client onboarding and identity verification
Complimentary, all-inclusive AML/CTF solution
Order all your searches and certificates in one place
A dynamic, matter specific environment
Manage family law matters with one solution
Simplify estate administration and planning
Review contracts faster with AI-assisted precision
Electronically lodge registry documents and settlements
Securely collate client financial documentation
Serve documents fast with tracking
Practice Management Integration
Streamline administrative tasks and optimise workflows
Access our support guides for comprehensive self-help assistance
Allows suppliers to connect their products and services with the InfoTrack Ecosystem
Learn how software and integrations can transform the way you work
Find out the latest industry updates
Take on compliance with confidence
Take your professional development to the next level
Cyber Security Awareness Training
Build your cyber resilience
Discover leading edge property insights
2025 State of Real Estate Report
Insights from Australian Buyers and Sellers
On 29 November 2024, Australia’s first standalone cyber security law, the Cyber Security Bill, came into effect. This legislation represents a significant milestone in the country’s approach to managing cyber threats, introducing mandatory reporting requirements for ransomware and cyber extortion payments. It is essential for lawyers and conveyancers to understand how this new legislation impacts your business.
The Cyber Security Bill aims to build a clearer picture of the evolving threat landscape by mandating that certain businesses report ransomware payments. The government’s goal is to enhance transparency, improve industry support, and enable better mitigation of ransomware attacks.
The new legislation falls under Part 3 of the Cyber Security Bill, establishing reporting obligations that provide valuable insights into ransomware trends while ensuring sensitive business information is safeguarded.
Given the sensitive nature of client information held by law firms and conveyancers, the risk of ransomware attacks is particularly high. This legislation underscores the importance of robust cyber security measures to protect your practice and clients. Staying informed and compliant with these new requirements can mitigate the impact of cyber threats and uphold trust with your clients.
The new reporting obligations apply to:
If your organisation meets either of these criteria, it is critical to be prepared to comply with the reporting requirements.
Businesses that are required to report must do so to the Australian Signals Directorate and the Department of Home Affairs within 72 hours of making a ransomware payment or becoming aware that such a payment has been made. The report must include:
These reports help authorities understand and respond to ransomware threats more effectively while supporting affected businesses.
The legislation includes robust measures to protect businesses that comply with the reporting obligations:
These safeguards are designed to encourage reporting while protecting businesses from potential misuse of their disclosures.
The legislation respects the confidentiality of communications between legal advisors. This means that legal professional privilege remains intact, ensuring that sensitive discussions about ransomware incidents do not fall under the reporting requirements.
To ensure compliance with the new legislation, you should:
By staying informed and proactive, you can navigate the new cyber security legislation with confidence. Understanding your reporting obligations, implementing strong cyber security measures, and ensuring staff are prepared will help protect your practice and clients from evolving cyber threats. Compliance not only minimises risk but also reinforces trust in an increasingly digital legal landscape.