Understanding the updated SOCI legislation
Act now to comply with the new SOCI amendments
The recent updates to the Security of Critical Infrastructure Act (SOCI) have significant implications for Australian businesses, including those based in New South Wales. It’s crucial to understand the amendments and take proactive steps to ensure your compliance.
NHN Group is here to assist you in navigating these changes effectively. Our veteran security experts can help you audit your business against the updated SOCI requirements and implement new strategies to bring you into compliance.
Book a consultation with our team today.
The purpose of the latest SOCI amendments
The latest amendments to the Security of Critical Infrastructure Act 2018 (SOCI) accomplish two goals:
- Expand the purview of the Act to encompass a greater number of critical industries
- Require businesses within these industries to adopt new, more stringent security measures and compliance strategies
Let’s explore what this means in terms of expanded industry coverage, the four security pillars, and the necessary steps for compliance.
The industries covered by the SOCI 2018 Act amendments
The original 2018 Security of Critical Infrastructure Act restricted its purview to four critical amenities: gas, electricity, water and ports. The new amendments expand its scope to include 11 more industries.
The revised list of applicable industries is as follows:
- communications
- data storage or processing
- defence industry
- electricity
- energy
- financial services and markets
- food and grocery
- gas
- health care and medical
- higher education and research
- ports
- space technology
- transport
- water and sewerage
If you own or operate a business within these industries, you must now assess your operations for vulnerabilities and ensure your systems and data are safeguarded against threats. The new legislation defines four categories of risk that you must review.
Understanding the Four Security Pillars
The new legislation emphasises four primary areas of security:
- Cyber and Information Security
Protecting data and information systems from cyber threats is crucial. Businesses need to implement strong cybersecurity measures, conduct regular security assessments, and update their systems to address new vulnerabilities.
- Personnel Security
Ensuring that individuals with access to sensitive information or critical systems are properly vetted is key. This includes conducting background checks and providing ongoing security training to mitigate risks from insider threats.
- Physical Security
Securing physical assets and infrastructure against unauthorised access and natural disasters is essential. This may involve implementing access control systems, surveillance, and other security measures.
- Supply Chain and Business Continuity Security
Addressing vulnerabilities within the supply chain and developing plans to maintain operations during disruptions are critical. This requires a thorough assessment of suppliers’ security practices and the creation of robust business continuity plans.
Steps you need to take for SOCI compliance
Compliance with the SOCI legislation involves a comprehensive approach. You can begin to design a compliance plan using these instructions.
- Cyber and Information Security
Deploy up-to-date cybersecurity solutions, conduct penetration testing, and promote cybersecurity awareness among employees.
- Personnel Security
Carry out detailed background checks and establish ongoing security awareness programs. Consider setting up continuous monitoring for personnel with sensitive roles.
- Physical Security
Implement and regularly audit access control and surveillance systems. Advanced technologies like biometric access can enhance security measures.
- Supply Chain and Business Continuity Security
Assess and integrate the security practices of suppliers into risk management plans. Develop detailed business continuity plans to address potential supply chain disruptions.
Planning and implementing these measures will require a concerted effort. NHN Group has the expertise to ensure your business is brought into perfect compliance with the latest SOCI updates.
Get in touch today to book a consultation with our New South Wales security specialists.