Australia Launches Cyber Incident Review Board to Strengthen National Defenses
Australia has established a new Cyber Incident Review Board to conduct no-fault, post-incident investigations into major cyberattacks, granting the body the power to compel information from organizations.

The Australian government has officially launched the Cyber Incident Review Board, a new body tasked with conducting independent, no-fault investigations into significant cyberattacks affecting the nation's government and private sectors. Announced by Home Affairs and Cybersecurity Minister Tony Burke, the board aims to identify systemic weaknesses and extract lessons from major security incidents to bolster national resilience The Record.
The board is composed of seven members, chaired by Narelle Devine, the global chief information security officer at Telstra. The remaining members represent critical infrastructure entities, including Boeing Australia, NBN Co, the University of New South Wales, the law firm Allens, Toll Group, and SA Power Networks. This composition reflects a deliberate focus on critical infrastructure, a strategy intended to ensure that the board’s reviews are grounded in the practical realities of protecting essential services The Record.
Modeled after the U.S. Cyber Safety Review Board (CSRB) established in 2022, the Australian initiative seeks to replicate the success of its predecessor while addressing some of its limitations. Unlike the U.S. board, which relied entirely on voluntary cooperation from affected organizations, the Australian board has been granted the authority to compel information from entities that might otherwise decline to participate. This enforcement mechanism was a key recommendation from experts like Jeff Greene, a former U.S. cyber official, who noted that voluntary cooperation previously hindered the effectiveness of similar review bodies The Record.
The U.S. version of the board, which was recently disbanded by the Trump administration, produced three notable reports before its closure. Its most impactful investigation scrutinized a Chinese state-linked breach of Microsoft, which resulted in a scathing report detailing a "cascade of avoidable errors" and ultimately forced a shift in the company's security culture. Other reports, such as those concerning the Log4j vulnerability and the Lapsus$ hacker group, were viewed as having less impact due to a lack of focus on specific corporate accountability The Record.
The creation of this board comes in response to a series of high-profile cyberattacks in Australia, including significant breaches at health insurer Medibank and telecommunications provider Optus. These incidents created substantial political pressure on Canberra to modernize its cybersecurity posture. While the European Union has also established a similar review mechanism under its Cyber Solidarity Act, that function has yet to be exercised by the EU's cybersecurity agency, ENISA The Record.
By institutionalizing the review process, Australia joins a small group of nations attempting to formalize "lessons learned" cycles for national cyber defense. As the board begins its work, observers will be watching to see if its power to compel information allows it to drive more significant systemic changes than its international counterparts, particularly in an era of increasingly sophisticated state-sponsored intelligence operations The Record.