Professional Documents
Culture Documents
20 June -
8 July 2022 8 Oct 2022 17 Aug 2023 17 Aug 2024
28 Sept 2024
Grace period ended Grace period ended Grace period ended First annual report due End of grace period to
for mandatory Cyber for registering for the Critical (must be submitted achieve cyber security
Incident Reporting ownership and Infrastructure Risk within 90 days after legislation
operational Management Program the end of the requirements against
information (CIRMP) obligation financial year) a recognised
framework (AESCSF,
NIST, ISO2700X, E8)
or an equivalent
Apart from these critical infrastructure must-dos, there’s also an opportunity to adapt and thrive under the
Government’s vision for a prosperous and secure cyber future for Australia. Are you ready?
Currently, to comply with the SOCI Act, you need to do four things:
1 2 3 4
Register your asset with the Implement and maintain a Report any cyber incidents Finally, if Government
Cyber and Infrastructure Critical Infrastructure Risk that have a significant or designates you as a super-
Security Centre (CISC), part Management Program relevant impact within critical “System of National
of the Department of Home (CIRMP), which is a plan that specified time periods Significance” or SONS,
Affairs. identifies and addresses the ranging from hours to days. there’s additional, and
risks to your asset. substantial, obligations you
must meet.
SOCI brings both unique security requirements and a Board-level obligation to report annually to Government on how they are being met.
Technically, issues such as IT/OT convergence, data sovereignty, automation, AI, Cloud, insider threat, SIEM/SOC capabilities, a true Zero Trust
approach, and immutable backups can all impact on how successful critical infrastructure companies will be in meeting their SOCI obligations. A
business-as-usual approach to these new obligations is unlikely to be good business.
A comprehensive portfolio of A dedicated team of cyber The support of a robust The strategic guidance of a
security solutions from and data resilience experts demand generation engine, distributor that operates
leading vendors that will help that can support you with and dedicated resources, to across the APAC region and
you meet and exceed your assessing your environment help identify SOCI-related has a deep understanding of
compliance obligations. and finding solutions that business opportunities as its challenging and dynamic
bring complex technologies these sectors grapple with cyber security space.
together for better cyber their evolving compliance
security and resilience. requirements.
Our Vendors/Partners