In a significant move to fortify Australia’s cyber environment, the Albanese Government has announced the designation of 13 new Systems of National Significance. This initiative expands the existing framework to include over 220 critical assets across key sectors such as energy, communications, transport, financial services and markets, food and grocery, and data storage or processing.
These assets, integral to the nation's economy and daily functioning, will now be subject to enhanced cybersecurity obligations imposed by the Australian Government. This comprehensive approach aims to improve the resilience of these vital systems against increasing cyber threats.
As outlined by the Home Affairs and Cyber Security Minister, Tony Burke MP, being declared a System of National Significance obligates owners and operators to develop rigorous incident response plans, engage in regular cybersecurity exercises to enhance preparedness, and conduct thorough assessments to identify and mitigate vulnerabilities. Additionally, these entities are required to share system information with the Australian Signals Directorate (ASD), assisting in the creation of a near-real-time threat landscape.
Minister Burke emphasized the growing menace of cyber incidents, stating, "Cyber incidents are one of the fastest growing threats to our country, making the protection of the critical infrastructure Australians rely on every day more crucial than ever."
He added, "We are using all the tools at our disposal to improve our cybersecurity and the protection of our critical infrastructure. Listing Systems of National Significance is a key part of that effort. I want to extend my gratitude to the owners and operators of these systems for their cooperation in enhancing Australia’s cybersecurity posture, propelling us towards becoming one of the most secure nations globally."
The declaration of these systems is made under section 52B of the Security of Critical Infrastructure Act 2018. To safeguard national security, the list of Systems of National Significance is not publicly disclosed.
This strategic enhancement of cybersecurity measures reflects the government's proactive stance in collaborating with business to safeguard Australia’s national interests against evolving cyber threats.
