After a spate of ransomware attacks, Home Affairs Minister Karen Andrews is considering a Labor proposal to make businesses report to a government agency before paying up.
"I'm open to exploring this, I am already exploring this," Ms Andrews told a business forum in Canberra on Thursday.
She plans to have more discussions in the coming weeks.
Labor's Tim Watts introduced a private member's bill to parliament on Monday following a spate of ransomware attacks.
Mr Watts welcomed the minister's comments but said the time to act on ransomware was now.
"When taking on this role three months ago, Karen Andrews declared that cyber security was a 'priority' for her," he told AAP.
"It's time we saw some real action."
Mandatory notification has been recommended by a wide range of international authorities.
Under his proposed laws, businesses and government agencies would need to notify the federal Australian Cyber Security Centre before paying any ransomware demands.
Mr Watts pointed to recent attacks on JBS Foods, Nine Entertainment and UnitingCare Queensland.
Last year, a ransomware attack halted delivery of milk for dairy processor Lion Dairy and Drinks.
Ms Andrews said she wanted businesses to contact the ACSC if they had a ransomware attack or other threats.
The centre, as part of Australian Signals Directorate, was well placed to support firms but relied on businesses sharing information.
"I certainly want the ACSC to be in a position to support businesses who have been subject to a ransomware attack," the minister said.
Global meat processing company JBS Foods paid more than $14 million in bitcoin this month to end a five-day cyber attack that halted operations, including in Australia.
The official line from the federal agency is that paying up encourages cyber criminals.
Australian Associated Press