The Security of Critical Infrastructure Act (SOCI) protects us from unimaginable chaos

The Security of Critical Infrastructure Act (SOCI) is a national law which sets legal obligations for the owners and operators of critical infrastructure assets. “Critical infrastructure” includes facilities, supply chains or networks which, if damaged or disabled for an extended period, would significantly harm social or economic wellbeing, defence or national security.

SOCI is very broad and applies to 11 sectors that we all rely on for a safe, secure and well-functioning society and economy. SOCI applies to Communications, Data storage and processing, Defence, Energy, Transport and Water and Sewerage, Healthcare and others.

We should all be pleased that Australia has a system to place obligations on the owners and operators of these incredibly important assets. Obligations include reporting to government operation and ownership information, as well as cyber security incidents.

Critical infrastructure owners must also adopt, maintain and comply with a written risk management program.

For assets deemed as Systems of National Significance (SoNS), there are additional Enhanced Cyber Security Obligations (ECSO). These include preparing for cyber security incident response, building cyber response preparedness through exercises; vulnerability assessments, and sharing with government near real-time threat information.

Why is SOCI important? We all rely on Australia’s critical infrastructure. For everyday life we need safe, secure and reliable water, data, transport and healthcare.

While most of Australia’s critical infrastructure is in private hands, SOCI allows government to ensure that owners and operators implement safeguards to protect these assets and, in the end, us all. It is essential that this infrastructure is made impenetrable from cyber-attack.

It is hard to imagine the chaos which would result from our critical infrastructure being disrupted and damaged for a long or even a short period. Hackers infiltrating and controlling this infrastructure could see power and water turned off, and our roads, airports and seaports in dangerous chaos.

Next time: Where are the vulnerabilities and what could go wrong?

For all media enquiries, please contact:

About BOSSCAP Group

BOSSCAP is a privately owned multi-industry group. Established in Queensland, Australia, in 2012 as a vehicle import company, today the BOSSCAP Group has vertically integrated its supply chain and rapidly expanded its engineering and manufacturing capabilities, making it the only end-to-end solution in the Australian automotive sector.

Prioritising sustainability and sovereign capability, BOSSCAP began the journey to transition to electric vehicles in 2021. After significant investment and R&D, BOSSCAP released an electric ute to the Australian market in 2024, providing the mining and construction sectors a viable option for decarbonisation, and filling the void in the retail market.

Australian Owned

Social Impact Company

Australian Owned Certification provides businesses a way to positively market their Australian roots. We are cause-driven with a mission to support the Australian business community. When businesses get certified by us, they can promote, advertise, and market themselves as Australian Owned Certified to the direct marketplace.

AVC

Market Homologation

After 10 years industry experience, operating internally for the BOSSCAP Group, Australian Vehicle Certification was formed in 2021 to expand into the private and public automotive sector.

AMQ

Engineering & Manufacturing

Advanced Manufacturing Queensland (AMQ) is an Australian owned engineering and manufacturing company offering class-leading solutions to the automotive and defence industries.

AUSEV

Distributor of Commercial Electric Vehicles

AUSEV is an Australian owned distributor of commercial electric vehicles (EVs). It was established in 2021 to accelerate supply of commercial EVs into the Australian market.