Critical staffing suppliers to Australia warned to prepare for SOCI

Firms supplying critical infrastructure solutions across Australia need to begin preparations as the compliance date for the amended Security of Critical Infrastructure Act (SOCI) nears.

That’s according to employment screening and identity expert, Sterling.

The Act, which was initially rolled out in 2018, has been expanded to place requirements on responsible entities across 11 critical sectors, with August 2024 marking the end of all legislative grace periods and the time at which businesses need to be prepared. While compliance with the legislation is only required for those firms that supply into the critical infrastructure of Australia, Sterling has urged all companies that provide services in the country to check if they are liable under the reforms.

The core purpose of SOCI is to enhance the country’s resilience and mitigate against national risks. Responsible Entities and Direct Interest Holders that own and operate critical infrastructure assets in any of the 11 sectors need to be able to demonstrate they have plans in line with three core Positive Security Obligations (PSOs):

  • An information provision PSO: Requires firms to register critical assets with the federal government now and as new assets are added to the company’s infrastructure.
  • A mandatory cyber incident breach notification PSO: Outlines that a business will immediately notify the Australian Cybersecurity Centre (ACSC) via phone or the ACSC website of any cyber incident, before providing written notification.
  • A risk management PSO: Defines a clear plan around how the company will identify risks and deal with hazards that fall under four key categories: supply chain hazards, cyber & information hazards, physical hazards and personnel hazards.

As Mick Roche, ANZ head of sales at Sterling, explained: “This is a positive, but complex initiative from the Australian government, with the personnel hazards presenting a core challenge.

“There’s no doubt that this move will be beneficial to Australia, its citizens and businesses. A failure in services or a cyber-attack on any sector or firm that falls under the critical infrastructure category could have a domino impact on others, so mitigating risks and planning for hazards is crucial.

“Of all the areas that employers need to create plans for, though, it is the personnel hazards that arguably present the greatest challenges and the biggest threats. Employees are the ones controlling critical infrastructure assets and have access to multiple facets within companies, which could expose infrastructure and systems to risks. It’s vital that employers put the necessary screening and re-screening programs in place now to meet the SOCI Act legislation requirements ahead of the 11 August deadline.

“While it may seem like an overwhelming and difficult challenge to navigate, there are a wealth of resources available to support businesses as they prepare for the August deadline. From a personnel screening point of view, I would urge employers to be mindful of the fact that the cost of implementing the required checks are minimal in comparison to the potentially catastrophic impact of inaction.”

• Comment below on this story. Or let us know what you think by emailing us at [email protected] or tweet us to tell us your thoughts or share this story with a friend.

Stride’s speech to ‘Put Brits First’ just one initiative to solve worker shortages

In a major speech to business leaders today [21 May 2024], work and pensions secretary Mel Stride (pictured) has hailed the “huge opportunity” to fill vacancies with unemployed Brits.

Legislation 21 May 2024

REC and IES highlight employers’ needs to recruit and retain the right people

Employers suggest that any changes to public sector employment services should prioritise reform of financial support for new recruits.

Legislation 16 May 2024

HMRC adds three firms to tax avoidance shame list

HM Revenue & Customs has added today three companies to the existing list of tax avoidance schemes, promoters, enablers and suppliers aiming to ply contract and self-employed workers with their products.

Legislation 16 May 2024

Recruitment industry can be part of welfare reform discussion

The Department of Work and Pensions has this week unveiled a consultation on proposals to move away from fixed cash benefit system towards tailored support.

Legislation 30 April 2024