Geo-Specific , Standards, Regulations & Compliance

Australia Unveils Game Plan to Guard Critical Infrastructure

New Risk Management Program to Strengthen Critical Infrastructure Resilience
Australia Unveils Game Plan to Guard Critical Infrastructure
Sydney Opera House (Source: Wikimedia/CC BY-SA 3.0)

Australia adopted a new risk management program that focuses on cybersecurity to strengthen the resilience and security of its critical infrastructure and essential services.

See Also: Solve Credential Chaos and Digitize Securely

Australian Minister for Home Affairs and Cyber Security Clare O'Neil says the new rules will help businesses prepare for, prevent and mitigate threats to the country's critical assets.

"Critical infrastructure assets are vulnerable to natural disasters and attractive targets for foreign interference, cybercriminals and other malicious actors who seek to do Australia harm," O'Neil said.

The risk management rules are the third and final security measures in recent amendments to the Security of Critical Infrastructure Act 2018.

The Critical Infrastructure Risk Management Program calls for an annual reporting requirement, compliance and regulatory rules, mandatory cyber incident reporting and several government assistance measures, among others.

The rules commenced on Feb. 17, 2023, and allow critical assets that are currently optional a period of six months to adopt a written risk management plan and an additional 12-month period to achieve compliance.

Australia has made several cybersecurity reforms in response to the spate of cyberattacks the country has faced over the past year. It is also leading a global ransomware task force comprised of 37 like-minded governments that aim to share intelligence to stymie future digital extortion attacks (see: Australia Initiates Global Ransomware Task Force Operations).

Critical Infrastructure Resilience Strategy

Under the latest policy changes, Australia also has launched an updated Critical Infrastructure Resilience Strategy, which provides a road map for protecting essential services and assets including electricity, water, healthcare and groceries.

The strategy's objectives are to support critical infrastructure owners and operators in effectively managing risks through mature, risk-based and resilient approaches and in strengthening their security and resilience through regulatory frameworks and improved collaboration. It also seeks to deliver initiatives through strong industry-government partnerships.

The strategy highlights the continued partnership and close engagement between industry and government, empowered by the Trusted Information Sharing Network, to collaboratively uplift the security and resilience of Australia's critical infrastructure.

"The increasingly interconnected nature of critical infrastructure exposes vulnerabilities that could result in significant consequences to our security, economy and sovereignty," O'Neil says. "We need to ensure our critical infrastructure security arrangements keep pace with the evolving threat environment and continue to deliver the essential services we all rely on."

About the Author

Mihir Bagwe

Mihir Bagwe

Principal Correspondent, Global News Desk, ISMG

Bagwe previously worked at CISO magazine, reporting the latest cybersecurity news and trends and interviewing cybersecurity subject matter experts.

Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing, you agree to our use of cookies.