Read Time:2 Minute, 14 Second
The Security of Critical Infrastructure (SOCI) Act seeks to protect key infrastructure from physical and cyber threats.
The recent expansion of the Security of Critical Infrastructure (SOCI) Act 2018 by the Australian Government will significantly impact businesses in Australia.
The updated Act imposes obligations on entities that handle critical infrastructure in a variety of industries, including electricity, communications, data storage or processing, financial services and markets, water, health care, and medical facilities, higher education and research institutions, sports, organisations, space technology companies and businesses in the defence industry.
The SOCI Act update necessitates businesses in these industries to assess their data and how to protect it accordingly. Furthermore, directors and companies must now adhere to stricter reporting requirements concerning incidents of varying severity levels to the government.
Failing to address the security requirements of critical infrastructure could have severe consequences.
“As we’ve seen across the globe, cyberattacks pose a significant risk to our critical infrastructure and the safety of the people in our communities,” says Anthony Albanese, Australian Prime Minister. “That’s why it’s so important that businesses take the necessary steps to protect their data and ensure compliance with the SOCI Act.”
In the event of a serious compromise to companies or systems that are critical to infrastructure or national significance, the Australian Government can now step in and manage those businesses through the Australian Signals Directorate (ASD).
No other government has given itself the ability to do this.
Since directors are primarily responsible for critical infrastructure companies, they should be aware that these firms may need to disclose various types of information to varied regulators. It is important to note that the same operation standards may apply differently than in the past.
If companies want to avoid potential penalties, it is in their best interest to understand what the Australian government considers best practice. This way, they can make the necessary changes to their processes and technologies. Additionally, if an incident were to occur, they would then be able to demonstrate compliance with said best practices.
“To protect our critical infrastructure from cyberattacks, businesses must take the necessary steps now to ensure that they are prepared to respond in the event of a data breach,” says Mark O’Shea, CEO of AUCloud. “We believe that the best way to achieve this is by deploying a robust and secure cloud platform that can provide dynamic protection against evolving threats.”
The ASD Essential Eight encapsulates many of these best practices in the form of mitigation strategies designed to impede adversaries and protect critical data. These range from implementing safe application listings to prevent malicious or unwanted applications from running to ensuring essential data is understood and protected.
Happy
0 %
Sad
0 %
Excited
0 %
Sleepy
0 %
Angry
0 %
Surprise
0 %
0
0
