Australia’s Cyber and Infrastructure Security Centre (CISC) announced enhanced security requirements to strengthen protections for the nation’s critical infrastructure. These Security of Critical Infrastructure Legislation Amendment (Enhanced Critical Infrastructure Risk Management Program) Rules 2026 are designed to ensure that critical infrastructure entities adopt stronger security measures to improve resilience against evolving threats and risks affecting essential services. The updated requirements will focus on supporting a more robust security posture among critical infrastructure operators, helping bolster preparedness and protection against disruptions that could affect nationally significant assets and services.
Informed by extensive consultation with industry and stakeholders, the Enhanced CIRMP Rules introduce targeted uplifts to existing risk management requirements, ensuring Australia’s critical infrastructure owners and operators are better equipped to address an increasingly complex and evolving threat environment across specified asset classes, including critical energy market operator assets, critical electricity assets, critical gas assets,…
