The Australian Security Legislation Amendment (Critical Infrastructure Protection) Act 2022 (SLACIP Act) which amends the Security of Critical Infrastructure Act 2018 (SOCI Act), and Systems of National Significance (SoNS) regulations are aimed at improving the resilience and risk management practices of Australia’s Critical Infrastructure sector and making it easier for organisations and governments to share information securely. They impact a range of industries deemed critical infrastructure, and the companies and third parties that work with, and supply these entities.

 

Risk management and governance are critical to SLACIP and SoNS, however, enforcing these mandates is another matter. The level of compartmentalised access and sharing controls required for the management of sensitive and classified information can be costly and difficult to achieve. Bespoke solutions can take months or longer to build, and the expense is prohibitive for small to medium enterprises.