Cyber Ethos


Critical Infrastructure SOCI: all you need to know

Australia’s Cyber Security Strategy 2020

On 6 August 2020, the Australian Government released Australia’s Cyber Security Strategy 2020.

The Australian Cyber Security Strategy 2020 will invest $1.67 billion over 10 years to achieve our vision of creating a more secure online world for Australians, their businesses and the essential services upon which we all depend. It will be delivered through:

While this Strategy is an Australian Government initiative, we recognise the essential role of state, territory, local governments, businesses, academia, international partners and the broader community in strengthening Australia’s cyber security. Every part of government, business and the community has a role to play in implementing the Cyber Security Strategy 2020.

The Security of Critical Infrastructure (SOCI) Act in Australia is particularly important for companies in the critical sector and their vendors. This Act plays a crucial role in safeguarding Australia’s critical infrastructure from threats, especially in the context of the increasingly sophisticated cybersecurity landscape. Here are the key reasons for its importance:

The SOCI Act focuses on protecting essential services and infrastructure that are critical to Australia’s national security, economy, and public safety. These include sectors like energy, water, transport, and communications, and coverage now also extends to other sectors deemed critical.

With the rise in cyber threats, especially state-sponsored and sophisticated cyber-attacks, the Act provides a framework for the Australian government and critical infrastructure providers to collaborate and respond effectively to these threats.

The Act imposes mandatory reporting obligations for critical infrastructure entities. This ensures timely sharing of threat information, aiding in quick response and mitigation of potential security incidents.

Companies are required to develop and maintain comprehensive risk management programs. This drives a proactive approach to identifying and mitigating risks, including cyber risks, thereby enhancing overall resilience.

Vendors providing services to critical infrastructure entities also come under scrutiny. They are required to adhere to certain security standards and practices, ensuring that the supply chain does not become a vulnerability.

The Act allows for government assistance in the event of significant cyber incidents. This includes providing resources and support to respond to and recover from major attacks.

Non-compliance with the SOCI Act can lead to legal and financial repercussions. Therefore, understanding and complying with the Act is crucial for businesses in the critical sector and their vendors.

Expanded Sector Coverage under the Amended SOCI Act


Protecting Critical Infrastructure and Systems of National Significance: Security Legislation Amendment (Critical Infrastructure) Bill 2020

Source – homeaffairs.gov.au

On 10 December 2020, the Minister for Home Affairs introduced the Security Legislation Amendment (Critical Infrastructure) Bill 2020 to Parliament.

The Bill seeks to amend the Security of Critical Infrastructure Act 2018 and expand its coverage from four sectors (electricity, gas, water and ports) to the following eleven critical infrastructure sectors:

Communications

Financial services and markets

Data storage or processing

Defence industry

Higher education and research

Energy

Food and grocery

Health care and medical

Space technology

Transport

Water and sewerage
