Australia’s Security of Critical Infrastructure Act 2018 (SOCI Act) was amended in 2021 and 2022 to more appropriately capture those assets that are critical to Australia’s defence, national security, economic and social stability. The amendments also responded to the deteriorating threat environment related to cyber-attacks.
The Security legislation Amendment (Critical Infrastructure Protection) Act 2022 came into effect 2nd April 2022, building on the original security of Critical Infrastructure Act 2018. With a compliance date of 17th of August 2024.
The Amendment introduces the following key measures.
The amendment sends a clear message to responsible entities of critical infrastructure assets that risk management must be prioritized to form part of the entities core business activities.
The SOCI Act previously only applied to 4 sectors: Electricity, Gas, Water and Maritime Ports.
This has now changed from 4 industry sectors to 11. The government has identified 11 critical infrastructure sectors that will be covered by the amended act, namely:
Under the Act, responsible entities for critical infrastructure assets have an obligation to maintain a register of critical infrastructure assets, develop and implement a Critical Infrastructure Risk Management Plan (CIRMP), notify external data service providers if their store or process business critical data and must report cyber security incidents that have a significant or relevant impact on their assets.
The CIRMP is intended to uplift core security practices that relate to the management of critical infrastructure assets, ensuring that responsible entities take a holistic and proactive approach toward identifying, preventing and mitigating risks. The requirements of the CIRMP are to:
The CIRMP needs to address the following four (4) hazard vectors:
We work with responsible entities across multiple industry sectors to help:
SOCI-compliance aside, a CIRMP provides peace of mind that your critical assets are protected and that your organisation has the appropriate mechanisms in place to protect them.
As an executive in any business, it is understandable that you want to ensure it is 100% safe, because your business is only as strong as its weakest link.
+612 9098 9000
subscribe our newsletter go get the latest updates and news from Opscentre
Copyrights © 2024 OpsCentre | Powered by PixxelStudio86.