Govt releases critical infrastructure exposure draft


By Dylan Bushell-Embling
Wednesday, 11 November, 2020

Govt releases critical infrastructure exposure draft

The federal government has released the exposure draft of new legislation, aimed at protecting critical infrastructure from cyber attacks, to public consultation.

As part of the proposed legislation, critical infrastructure providers would be subject to a positive security obligation, backed with sector-specific requirements.

This will include providers of infrastructure including electricity, water, telecommunications, health care and logistics.

The draft legislation would also include enhanced cybersecurity obligations for systems of national significance, centred around a strengthened relationship with government.

It would also provide avenues for governments to offer assistance to industry in response to immediate and serious cyber attacks to Australian systems.

As part of the new framework the government would keep a private register of information in relation to critical infrastructure assets, requiring the responsible entity for these assets to comply with a critical infrastructure risk management program.

Obligations would include notification of cybersecurity incidents, as well as on disclosing information in relation to the asset when necessary.

The legislation would grant the Minister for Home Affairs the ability to require these entities to make changes or refrain from doing things that may compromise the security of critical infrastructure assets. Ministers will also be granted powers to declare assets to be critical infrastructure assets at their discretion.

Violations of the provisions could result in civil penalty orders, injunctions or infringement notices.

“The increasingly interconnected nature of critical infrastructure exposes vulnerabilities that could result in significant consequences to our economy, security and sovereignty and industry will be important to the success of these reforms,” Minister for Home Affairs Peter Dutton said.

“We will continue to work closely with industry and other stakeholders to implement our plan to secure essential services — electricity, water, groceries and so on — without imposing an unnecessary regulatory burden.”

Image credit: ©stock.adobe.com/au/tippapatt

Related Articles

Emergency onboarding: what to do before and after a data breach

Organisations that have an emergency onboarding plan are better positioned to have their business...

Savvy directors are demanding more points of proof when cyber incidents occur

Pre-agreement on what a post-incident forensics effort should produce — and testing it out...

Cyber-attack prevention is better than a cure

Corporate and political decision-makers need to invest in areas that do a better job of...

Content from other channels on our network

How MTDCs can help address today's data centre power challenges

Wall of solar for German factory

Keeping pace with a complex grid

Retailers caught selling unapproved electrical appliances

Ampcontrol and Siemens partner on renewable energy solutions

Elastic announces AI-driven attack discovery feature

Vectra AI expands platform to combat GenAI threats

F5 reaches Australian public sector milestone

RingCentral launches AI contact centre solution in Aust

Western Sydney councils' transport plan endorsed

Global 5G connections reached 1.76 billion in 2023

AceComms partners with Hitachi Energy on industrial internet

Unseenlabs plans new satellite constellation for 2026

Comms Connect New Zealand returning to Christchurch

Govt audits national mobile coverage as Telstra extends 3G closure

  • All content Copyright © 2024 Westwick-Farrow Pty Ltd