How to Meet Your SOCI Obligations


The Security of Critical Infrastructure Act 2018 (SOCI) is a key compliance obligation that cuts to the core of
Australia’s cyber security strategy.
SOCI is in the news because the Government wants to make Australia a world leader in cyber security by 2030.
As part of this, SOCI’s obligations have been significantly broadened and strengthened across Australia’s 11
new critical infrastructure sectors. The clock is ticking to meet these obligations, with the compliance grace
period running out on 17 August this year.

SOCI Act: Key compliance dates

8 July 2022: Grace period ended for mandatory Cyber Incident Reporting
8 Oct 2022: Grace period ended for registering ownership and operational information
17 Aug 2023: Grace period ended for the Critical Infrastructure Risk Management Program (CIRMP) obligation
20 June - 28 Sept 2024: First annual report due (must be submitted within 90 days after the end of the financial year)
17 Aug 2024: End of grace period to achieve cyber security legislation requirements against a recognised framework (AESCSF, NIST, ISO2700X, E8) or an equivalent

Apart from these critical infrastructure must-dos, there’s also an opportunity to adapt and thrive under the
Government’s vision for a prosperous and secure cyber future for Australia. Are you ready?

Your 3+1 Security Obligations


If you are a responsible entity for an Australian critical infrastructure asset, you must comply with the SOCI Act, and your Board-equivalent must
report annually to the Government. Beyond this, it’s critical to understand that SOCI is almost certain to change again, with Government considering
another five reforms resulting from its 2023 Cyber Security Strategy.

Currently, to comply with the SOCI Act, you need to do four things:

1. Register your asset with the Cyber and Infrastructure Security Centre (CISC), part of the Department of Home Affairs.
2. Implement and maintain a Critical Infrastructure Risk Management Program (CIRMP), which is a plan that identifies and addresses the risks to your asset.
3. Report any cyber incidents that have a significant or relevant impact within specified time periods ranging from hours to days.
4. Finally, if Government designates you as a super-critical “System of National Significance” or SONS, there are additional, and substantial, obligations you must meet.

Who’s Going To Need To Pay Attention To SOCI?


SOCI applies to Australia’s 11 new critical infrastructure sectors, including their supply chains!
These sectors are:

Communications
Data storage or processing
Defence Industry
Energy
Higher education and research
Financial Services and Markets
Food and Grocery
Health Care and Medical
Space Technology
Transport
Water and Sewerage

SOCI brings both unique security requirements and a Board-level obligation to report annually to Government on how they are being met.
Technically, issues such as IT/OT convergence, data sovereignty, automation, AI, Cloud, insider threat, SIEM/SOC capabilities, a true Zero Trust
approach, and immutable backups can all impact on how successful critical infrastructure companies will be in meeting their SOCI obligations. A
business-as-usual approach to these new obligations is unlikely to be good business.

Why Choose NEXTGEN for SOCI Solutions?


The NEXTGEN Group has the knowledge, experience, and ecosystem to help you meet SOCI’s obligations by enhancing
the security and resilience of your critical infrastructure assets. We offer:

A comprehensive portfolio of security solutions from leading vendors that will help you meet and exceed your compliance obligations.

A dedicated team of cyber and data resilience experts that can support you with assessing your environment and finding solutions that bring complex technologies together for better cyber security and resilience.

The support of a robust demand generation engine, and dedicated resources, to help identify SOCI-related business opportunities as these sectors grapple with their evolving compliance requirements.

The strategic guidance of a distributor that operates across the APAC region and has a deep understanding of its challenging and dynamic cyber security space.

How to Get Started with SOCI Solutions?

The NEXTGEN Group and its security vendors can
help you deliver superior SOCI solutions. Let’s talk!
Use the form below to drop us a note and we will be
back in touch soon.
