The Department of Home Affairs has opened up expressions of interest for appointments to establish the Cyber Incident Review Board (the Board).
The Board, established as part of the Cyber Security Act 2024, acts as an independent advisory body to conduct no-fault, post-incident reviews of significant cyber security incidents in Australia.
An Expert Panel, drawn from a pool of industry sector experts according to the specific review, will support the Board.
The Minister for Home Affairs will appoint a Chair and up to six Standing Members to the Board, sourced from the community and business sectors.
The Chair position is responsible for ensuring the Board complies with the legislative obligations of the Cyber Security Act and other relevant legislative frameworks.
The Chair will also lead the reviews and oversee the governance and strategic direction of the Board.
Standing Members will apply their expertise to identify and analyse complex systemic issues which led to or enabled a cyber incident.
They will leverage their stakeholder networks to collect diverse perspectives to distil into insightful reports and recommendations, used to uplift cyber preparedness across the Australian cyber ecosystem.
Standing Members will also work collaboratively to support the governance of the Board and support the Board in the appointment of the Expert and Review Panels.
The Cyber Security (Cyber Incident Review Board) Rules 2025 establish a broad set of eligibility criteria for the Board, covering significant experience across Australia’s critical infrastructure sectors, crisis response and management, cyber security and legal and corporate governance qualifications.
Appointees must also hold a Negative Vetting 1 security clearance in order to leverage classified materials in the conduct of a review.
In addition to the criteria and other requirements, preferred candidates will demonstrate experience holding a Board position or positions, with strong senior leadership and strategic experience at an executive or advisory level.
They will also have significant experience in cyber security.
Reviews will provide recommendations to government
The Board reviews will identify the contributing factors to cyber incidents to help both sectors prepare for future cyber attacks.
At the completion of a review, the Board will provide recommendations to government and industry on its findings. These recommendations aim to prevent, respond to or minimise the impact of similar incidents and uplift Australia’s cyber resilience in the future.
The Board will only review an incident after it has occurred and initial investigation and response efforts have been completed. Reviews will focus on a single incident or a group of similar incidents.
These may share features such as attack method, type of system affected, or a known vulnerability.
The Board does not assign blame or determine who is responsible for an incident. Published reviews will also not include personal or classified information, including anything that could affect national security, defence, or international relations of the Commonwealth.