Govt releases critical infrastructure exposure draft


By Dylan Bushell-Embling
Wednesday, 11 November, 2020

Govt releases critical infrastructure exposure draft

The federal government has released the exposure draft of new legislation, aimed at protecting critical infrastructure from cyber attacks, to public consultation.

As part of the proposed legislation, critical infrastructure providers would be subject to a positive security obligation, backed with sector-specific requirements.

This will include providers of infrastructure including electricity, water, telecommunications, health care and logistics.

The draft legislation would also include enhanced cybersecurity obligations for systems of national significance, centred around a strengthened relationship with government.

It would also provide avenues for governments to offer assistance to industry in response to immediate and serious cyber attacks to Australian systems.

As part of the new framework the government would keep a private register of information in relation to critical infrastructure assets, requiring the responsible entity for these assets to comply with a critical infrastructure risk management program.

Obligations would include notification of cybersecurity incidents, as well as on disclosing information in relation to the asset when necessary.

The legislation would grant the Minister for Home Affairs the ability to require these entities to make changes or refrain from doing things that may compromise the security of critical infrastructure assets. Ministers will also be granted powers to declare assets to be critical infrastructure assets at their discretion.

Violations of the provisions could result in civil penalty orders, injunctions or infringement notices.

“The increasingly interconnected nature of critical infrastructure exposes vulnerabilities that could result in significant consequences to our economy, security and sovereignty and industry will be important to the success of these reforms,” Minister for Home Affairs Peter Dutton said.

“We will continue to work closely with industry and other stakeholders to implement our plan to secure essential services — electricity, water, groceries and so on — without imposing an unnecessary regulatory burden.”

Image credit: ©stock.adobe.com/au/tippapatt

Related Articles

Why we need to redefine cybersecurity success to support CISOs

When Notifiable Data Breaches statistics are released we should look at the nature of the...

Is 2026 the year of identity? Just follow the money

What $40 billion in cyber acquisitions says about the future of identity security.

Proactive cybersecurity must lead innovation in Australia’s AI future

AI presents extraordinary opportunities for productivity, innovation and growth but it also...

Content from other channels on our network

Critical alert: exploitation of Cisco SD-WAN appliances

DTA signs single sourcing agreement with Microsoft

ASD launches malware analysis tool on GitHub

NSW Government offers free face‍-‍to‍-‍face scam support for seniors

The next frontier: network sustainability is now a governance opportunity

Making Australian data centres more sustainable

Exploring grid security in a high-renewables era

$39.5m boost for electrical training in Qld

Delivering switchboards for a major healthcare precinct

Hallett battery project launched in SA

AusAlert testing to occur in June and July

Telstra, Ericsson and Qualcomm claim 5G uplink speed record

Belgian telco goes live with SaaS-based commercial 5G service

WBA publishes guidance on AI and ML for intelligent Wi-Fi

VIAVI launches caesium-less primary reference time clock

  • All content Copyright © 2026 Westwick-Farrow Pty Ltd