This new mandate came into existence earlier this year, completing the final package of amendments to the existing Security of the Critical Infrastructure Act 2018 (Cht) (SOCI Act). The Act is designed to improve the cyber security posture of Australia’s critical infrastructure assets and systems of national significance. It takes into consideration the changing threat landscape caused by several global events and accelerated digital transformation activities.
So what’s this all about, Andrew?
Slavkovic (pictured) explains that the Australian Cyber Security Centre (ACSC) will play an expanded role within the Act by providing advice and guidance to infrastructure providers on how to best handle and respond to cyber incidents in the early stages. The new mandate is an opportunity to boost Australia’s collective cyber defences as ACSC will work to respond to develop an overall threat picture based on the incident reports it receives.
As set out in the Act, Critical Infrastructure owners and operators are required to report a cyber security incident to the ACSC within the mandated periods which correlates to the severity rating of a given cyber security incident.
When a…
