Home Affairs Minister Clare O'Neil said the devastating Optus and Medibank hacks exposed gapingflaws in Australia’s cyber laws.

“In those events, we were meant to have at our disposal a piece of law that was passed by the former government to help us engage with companies under cyber attack,” she told ABC’s AM.

“That law was bloody useless, not worth the ink printed on the paper when it came to actually using it in a cyber incident. It was poorly drafted.”

Ms O’Neil said when the Optus hack hit, she was left “really angry” that there was “no cybersecurity response function” in the government.

“Those events were completely foreseeable events that were completely not foreseen by the previous government,” she said.

About 10 million Australians had their personal information, such as passport, drivers licence and Medicare details, exposed in the Optus hack.

A further 10 million had their details breached in a later Medibank hack.

Although businesses were affected by the hacks, Ms O’Neil said everyday Australians were the real victims of the “insidious crimes”.

“Everyone has skin in the game when it comes to Australia’s cyber security,” she said.

The government noted there was scope to explore opportunities to increase support for victims of cybercrime who don’t have a centralised support service.

A cyber office, to be led by a new cyber security co-ordinator, will be established within the Department of Home Affairs to lead emergency responses to future attacks.

The government hopes to have the new senior public servant installed within a month to provide “structure and spine” to a refreshed cyber security strategy.

Reform to Australia’s security laws and the widening of the definition of what a critical asset is to include consumer data were also on the table, Ms O’Neil said.

“(The laws) are not fit for purpose at the moment, and I do think they need reform,” she added.

“Australia has a patchwork of policies, laws and frameworks that are not keeping up with the challenges presented by the digital age.”

The government also remains open minded about whether it should move to make it illegal for companies to pay a ransom to end a cyber attack.

“What the Australian government is thinking about is how do we reduce the fruits of ransomware for cybercriminals,” Ms O’Neil told ABC News.

“When we have people constantly paying ransom, it makes it look like Australia is a soft target and we are not a soft target.”

A roundtable of business and cyber security experts met on Monday to canvas how to better shield Australians from future incidents.

A discussion paper for the meeting explained it would take a unified approach to overhaul Australia’s current system.

“To achieve our vision of being the world’s most cyber secure country by 2030, we need the unified effort of government, industry and the community,” the 2023-2030 Australian Cyber Security Strategy outlined.

Ahead of the meeting, Anthony Albanese told participants the national cyber security capacity was “not at the level we need them to be”.

“For too many years Australia has been off the pace. Our government is determined to change that,” the Prime Minister said.

Former Telstra chief Andy Penn, who sits on the advisory panel for cyber security, said since Covid there had been a “dramatic increase” in the rate of cybercrime.

“The bottom line is there was not a single person within government who could step in (during the Optus hack),” he told the ABC.

“The community expected the government to be in a better position to give it guidance as to what to do to protect itself.”

Liberal frontbencher Dan Tehan said the Labor government should have built upon its previous strategy.

“We know that Clare O’Neil was asleep at the wheel when the Medicare hack took place. It took three, four days for any real action to take place,” he told Sky News.

“So if we can get immediate action, absolutely, but give us the detail and don’t say that there’s going to be more consultation and this will be put off for months and months ahead.”

The government has committed to reaching 1.2 million technology jobs by 2030 and pursuing the growth of the workforce through the fostering of science, technology, engineering, and mathematics skills.

Assistant Foreign Affairs Minister Tim Watts said bolstering the nation’s cyber security would necessitate co-operation from all corners.

“This is not a challenge we face alone,” he said.

“We all – Australia, our region and the global community – benefit from a stable and resilient cyber space.”

The government is asking all Australians who engage with technology – estimated to be 99 per cent of the population – to contribute to developing the nation’s cyber strategy.