The Security of Critical Infrastructure Act (SOCI) is a national law which sets legal obligations for the owners and operators of critical infrastructure assets. “Critical infrastructure” includes facilities, supply chains or networks which, if damaged or disabled for an extended period, would significantly harm social or economic wellbeing, defence or national security.
SOCI is very broad and applies to 11 sectors that we all rely on for a safe, secure and well-functioning society and economy. SOCI applies to Communications, Data storage and processing, Defence, Energy, Transport and Water and Sewerage, Healthcare and others.
We should all be pleased that Australia has a system to place obligations on the owners and operators of these incredibly important assets. Obligations include reporting to government operation and ownership information, as well as cyber security incidents.
Critical infrastructure owners must also adopt, maintain and comply with a written risk management program.
For assets deemed as Systems of National Significance (SoNS), there are additional Enhanced Cyber Security Obligations (ECSO). These include preparing for cyber security incident response, building cyber response preparedness through exercises; vulnerability assessments, and sharing with government near real-time threat information.
Why is SOCI important?
We all rely on Australia’s critical infrastructure. For everyday life we need safe, secure and reliable water, data, transport and healthcare.
While most of Australia’s critical infrastructure is in private hands, SOCI allows government to ensure that owners and operators implement safeguards to protect these assets and, in the end, us all. It is essential that this infrastructure is made impenetrable from cyber-attack.
It is hard to imagine the chaos which would result from our critical infrastructure being disrupted and damaged for a long or even a short period. Hackers infiltrating and controlling this infrastructure could see power and water turned off, and our roads, airports and seaports in dangerous chaos.
Next time: Where are the vulnerabilities and what could go wrong?
Related articles
Fleet Focus: AUSEV F-150 Lightning utes help decarbonise airports and mine sites
Distributor of right-hand-drive converted Ford F-150 Lightning EVs, AUSEV, has turned its focus to fleet customers with its Lightning Pro model and commercial fitout options
AUSEV’s Focus on the SOCI Act and Global Developments: Shaping Australia’s Fleet Procurement Future
As a leader in Australia’s electric vehicle landscape, AUSEV has been acutely aware of the Security of Critical Infrastructure (SOCI) Act’s implications for the nation’s
Are some connected vehicles too risky for use in Australia’s critical infrastructure?
EVs receive regular ‘over the air’ updates, making them vulnerable to unauthorized access and control. This is an unacceptable risk where these vehicles are being
Recent global IT outage from the CrowdStrike update highlights the importance of the SOCI Act
The recent global IT outage from the CrowdStrike update highlights the importance of the SOCI act. There are a frightening number of critical infrastructure companies,