{"version":"1.0","type":"rich","provider_name":"Acast","provider_url":"https://acast.com","height":250,"width":700,"html":"<iframe src=\"https://embed.acast.com/$/674b3920f6ece089eaefe3cf/67535a2ea8461f164e5ca0d7?\" frameBorder=\"0\" width=\"700\" height=\"250\"></iframe>","title":"SECURITY OF CRITICAL INFRASTRUCTURE AND OTHER LEGISLATION AMENDMENT (ENHANCED RESPONSE AND PREVENTION) BILL 2024","description":"<p><strong><u>SECURITY OF CRITICAL INFRASTRUCTURE AND OTHER LEGISLATION AMENDMENT (ENHANCED RESPONSE AND PREVENTION) BILL 2024</u></strong></p><p><br></p><p><strong><u>Summary</u></strong></p><p>Introduced with the Cyber Security Bill 2024 and Intelligence Services and Other Legislation Amendment (Cyber Security) Bill 2024 to implement certain measures proposed by the 2023-2030 Australian Cyber Security Strategy, the bill amends the:&nbsp;<em>Security of Critical Infrastructure Act 2018</em>&nbsp;to: clarify obligations in relation to certain data storage systems that store or process business critical data; expand the government assistance framework to facilitate the management of consequences of impacts of incidents on critical infrastructure assets; amend the definition of ‘protected information’ to include a harms-based assessment and non-exhaustive list of relevant information; clarify the use and disclosure of protected information; enable the regulator to direct an entity to remedy a seriously deficient risk management program; consolidate security requirements for critical telecommunications assets; remove direct interest holders from reporting obligations associated with Systems of National Significance. Also makes consequential or contingent amendments to 5 Acts.</p><p><br></p><p><strong><u>AI Summary</u></strong></p><p>This document outlines proposed amendments to Australia's Security of Critical Infrastructure Act 2018.&nbsp;Key changes&nbsp;include expanding the definition of critical infrastructure to encompass data storage systems holding business-critical information,&nbsp;granting broader government powers&nbsp;to respond to and mitigate the consequences of serious incidents (beyond just cybersecurity),&nbsp;introducing a formal mechanism&nbsp;for regulators to address deficiencies in critical infrastructure risk management programs, and&nbsp;streamlining security requirements&nbsp;for critical telecommunications assets. A&nbsp;compatibility statement&nbsp;with human rights and a detailed&nbsp;impact analysis&nbsp;are included, addressing potential concerns and outlining the expected costs and benefits of the proposed reforms. Finally, the document details the&nbsp;consultation process&nbsp;with industry stakeholders and incorporates their feedback.</p><p>*Created with use of AI using NotebookLM (Deep dive voices) for educational purposes</p><p>**Source Parliament of Australia</p><p><br></p><p><br></p>","author_name":"PETER YIAMARELOS"}