Govt passes critical infrastructure safeguards

By Dylan Bushell-Embling
Thursday, 29 March, 2018

The federal government has passed new legislation designed to safeguard Australia’s critical infrastructure against cyber attacks, threats of espionage and foreign interference.

The new legislation expands the capability of the Critical Infrastructure Centre by introducing a new ministerial directions power allowing the government to take access where a risk cannot otherwise be mitigated.

It is also establishing a register of Australia’s highest risk critical infrastructure assets, including information on ownership access and control.

Announcing the passage of the legislation, Minister for Home Affairs Peter Dutton said increased foreign investment and involvement in Australia’s critical infrastructure means it is more exposed than ever to sabotage, espionage and coercion.

“[The legislation] will significantly enhance the Critical Infrastructure Centre’s capacity to assess and manage complex risks,” he said.

Macquarie Government Managing Director Aidan Tudehope called the passage of the legislation a “crucial step forward” in protecting the nation’s critical infrastructure from cyber attack.

“The sad reality is that there are individuals, groups and even nations that have shown a willingness and ability to put the wealth, health and even lives of innocent Australians at risk by attacking critical infrastructure,” he said.

“Much of the infrastructure that allows us to operate in our day-to-day lives — power, communications, water, transport systems — are privately owned, and all are completely dependent on information and communications technologies to work.”

The legislation will extend obligations for private sector and state government owners and operators of critical infrastructure to comply with the programs developed to protect the government’s own agencies from cyber attack, such as the restrictions and recommendations from the Australian Signals Directorate, he said.

“The new laws mean the country’s leading cybersecurity experts in Canberra can now investigate the practices by these owners and operators. If necessary, the Minister can step in as a last resort,” Tudehope said.

“Hopefully this will never be necessary as the passage of the laws should be enough to prompt critical infrastructure businesses to take action themselves to come into line with the standard practice for federal government agencies.”

Image credit: ©stock.adobe.com/au/ArtemSam

Follow us and share on Twitter and Facebook