Govt releases critical infrastructure exposure draft

By Dylan Bushell-Embling
Wednesday, 11 November, 2020

Govt releases critical infrastructure exposure draft

The federal government has released the exposure draft of new legislation, aimed at protecting critical infrastructure from cyber attacks, to public consultation.

As part of the proposed legislation, critical infrastructure providers would be subject to a positive security obligation, backed with sector-specific requirements.

This will include providers of infrastructure including electricity, water, telecommunications, health care and logistics.

The draft legislation would also include enhanced cybersecurity obligations for systems of national significance, centred around a strengthened relationship with government.

It would also provide avenues for governments to offer assistance to industry in response to immediate and serious cyber attacks to Australian systems.

As part of the new framework the government would keep a private register of information in relation to critical infrastructure assets, requiring the responsible entity for these assets to comply with a critical infrastructure risk management program.

Obligations would include notification of cybersecurity incidents, as well as on disclosing information in relation to the asset when necessary.

The legislation would grant the Minister for Home Affairs the ability to require these entities to make changes or refrain from doing things that may compromise the security of critical infrastructure assets. Ministers will also be granted powers to declare assets to be critical infrastructure assets at their discretion.

Violations of the provisions could result in civil penalty orders, injunctions or infringement notices.

“The increasingly interconnected nature of critical infrastructure exposes vulnerabilities that could result in significant consequences to our economy, security and sovereignty and industry will be important to the success of these reforms,” Minister for Home Affairs Peter Dutton said.

“We will continue to work closely with industry and other stakeholders to implement our plan to secure essential services — electricity, water, groceries and so on — without imposing an unnecessary regulatory burden.”

Image credit: ©

Related Articles

Australian cybersecurity market worth $5.6bn in 2020

Australian spending on cybersecurity reached $5.6bn this year, with more than half of spending...

Russia, Iran obtain US voter information

The US FBI warns that Russia and Iran have obtained US voter registration information, in an...

Communications cybersecurity to be top of agenda at CCV

Leading experts from the NSW Government, NIST and the private sector will spearhead the...

  • All content Copyright © 2020 Westwick-Farrow Pty Ltd