Practical Law Commercial releases new resources for critical infrastructure sector
- Legal update, Critical infrastructure sector: mandatory cyber incident response obligations commence on 8 July 2022. On 8 July 2022, the mandatory cyber incident response obligations commence for critical infrastructure stakeholders, with the expiry of the 3-month grace period which was implemented to allow stakeholders time to prepare their businesses for compliance with the reporting obligations. This update briefly outlines the requirements of the cyber incident response obligations including the types of incidents which must be reported, where and when to report such incidents and compliance and enforcement by the Cyber and Infrastructure Security Centre under the Security of Critical Infrastructure Act 2018 (Cth) (SCIA 2018). It also provides a brief update on the commencement of other positive security obligations under the SCIA 2018.
- Practice note, Security of critical infrastructure and systems of national significance. This note provides an overview of the regulatory framework for the security of the critical infrastructure sector and critical infrastructure assets in Australia. It outlines the scope and nature of obligations imposed on the owners and operators of critical infrastructure assets and systems of national significance under the SCIA 2018 and other key Commonwealth legislation and includes an outline of the significant package of reforms to the SCIA 2018 which were enacted in 2021 and 2022. It includes information on key terms under the legislation, the positive security obligations of owners and operators of critical infrastructure assets including the Register of Critical Infrastructure Assets, the critical infrastructure risk management program and the mandatory reporting of cybersecurity incidents (as defined in the SCIA 2018) as well as the obligations for systems of national significance. In addition, the note provides an outline of the government assistance measures for serious cybersecurity incidents and the compliance and enforcement framework under the SCIA 2018.
The following glossary terms have been published to support Practical Law's new resources on the security of critical infrastructure in Australia (available to all Practical Law subscribers):
Practical Law Australia’s expert legal writers have practical expertise gained from some of the country's leading law firms and corporate legal departments, including Ashurst, Baker & McKenzie, Gilbert + Tobin, Herbert Smith Freehills, the Australian Broadcasting Corporation (ABC) and more. They understand the pressure to deliver timely and cost effective legal advice, which is why Practical Law’s fully maintained practice notes, precedents, drafting notes and checklists offer clear and concise know-how with a practical perspective.
For more information on Practical Law Australia’s legal writing team, visit legal.thomsonreuters.com.au/practical-law-team