Australia: Security Legislation Amendment (Critical Infrastructure Protection) Bill 2022 introduced in House

On 10 February 2022, the Security Legislation Amendment (Critical Infrastructure Protection) Bill 2022, including expanded cybersecurity rules for critical infrastructure, was introduced in the Australian House of Representatives. The Bill applies to critical infrastructure assets, including certain water, gas, and electricity assets defined in the Security of Critical Infrastructure Act 2018. The Bill would introduce a requirement for entities to create and maintain a risk management program identifying relevant hazards and taking steps to minimise such hazards. The Bill would further create enhanced cybersecurity obligations for systems of national significance, including infrastructure assets of special importance to the stability, defence, or national security of Australia. The additional obligations of systems of national significance include the possibility of being subjected to incident response planning, cybersecurity exercises, and vulnerability assessments.