House debates
Wednesday, 16 February 2022
Bills
Security Legislation Amendment (Critical Infrastructure Protection) Bill 2022; Second Reading
5:48 pm
David Coleman (Banks, Liberal Party, Assistant Minister to the Prime Minister for Mental Health and Suicide Prevention) Share this | Hansard source
The Australian government is committed to working in close collaboration with industry to create an uplift in the resilience of critical infrastructure and the essential services that infrastructure provides for all Australians. Threats ranging from natural hazards to human induced threats, such as cyberattacks or from malicious trusted insiders, all have the potential to significantly disrupt Australia's critical infrastructure. The interconnected nature of our critical infrastructure means that the compromise of one essential function could have cascading consequences that could affect the essential services that all Australians rely on and lead to severe economic impacts. As these threats and risks continue to evolve in an increasingly interconnected world, so too must our approach to ensuring the ongoing security and resilience of these assets and the essential services they deliver, protecting our economy and our sovereignty. Where the Security Legislation Amendment (Critical Infrastructure) Act 2021 enhanced the government's ability to respond to cyber-threats, this bill, the Security Legislation Amendment (Critical Infrastructure Protection) Bill 2022, introduces preventative measures to ensure the continued protection of Australian critical infrastructure. This bill sets out two key obligations, the risk management program and the enhanced cybersecurity obligations for those critical infrastructure assets deemed to be Australia's 'systems of national significance'.
The risk management program asks critical infrastructure entities to identify material risks that could have an impact on the ongoing functioning of their critical infrastructure asset to, as far as reasonably practicable, eliminate or mitigate the risk of that impact from occurring and to report to government their implementation of the program. The set of proposed rules that will underpin the risk management program, presented within the explanatory material of this bill, create a principles-based framework that recognises both domestic and international standards. A principles-based rather than a prescriptive approach empowers the experts within each critical infrastructure entity to identify the best and most efficient way to uplift resilience in their sector, while providing the necessary framework to ensure an economy-wide critical infrastructure uplift in resilience.
There are some critical infrastructure assets that are so vital, interconnected and of national significance that if they were impacted by a cyberattack it would cause disproportionate, cascading consequences. The bill sets out criteria for the declaration of these assets as systems of national significance. These systems may be required to comply with enhanced security obligations. These obligations will support a bespoke, outcomes-focused partnership between government and operators of these systems to enhance cybersecurity and build an aggregated threat picture of cybersecurity risks to critical infrastructure in a way that is mutually beneficial to government and industry. A key focus of the government moving forward will be a comprehensive program of engagement and education for critical infrastructure entities to assist them to meet these new obligations through the reinvigorated Trusted Information Sharing Network, the TISN. The government is committed to partnership with and education of industry through the TISN to be the primary engagement mechanism to enhance the security and resilience of critical infrastructure, rather than a heavy-handed, regulatory approach.
This bill demonstrates the government's continued commitment to collaborating with and empowering operators of Australia's critical infrastructure to create the necessary uplift in resilience that will ensure Australia continues to be a safe and prosperous nation. I thank members for their contributions and call on them to support this very important bill.
No comments