Emplacement
- Asia Pacific
  
  Australia - English
  
  China - Chinese
  
  India - English
  
  Japan - Japanese
  
  New Zealand - English
- Europe
  
  Czech Republic - English
  
  Denmark - English
  
  France - French
  
  Germany - German
  
  Italy - Italian
  
  Norway - English
  
  Netherlands - Dutch
  
  Poland - English
  
  Romania - English
  
  Spain - Spanish
  
  Sweden - English
  
  United Kingdom - English
  
  Belgium - Dutch
  
  Belgium - French
  
  Switzerland - French
  
  Switzerland - German
  
  Switzerland - Italian
- Middle East
  
  Egypt - English
  
  Saudi Arabia - English
  
  United Arab Emirates - English
- North America
  
  United States - English
  
  Canada - English
  
  Canada - French
|
CONTACTER
|

Devise:

Localisez votre contenu

Vous pouvez définir votre devise préférée pour ce compte.

Choisissez une devise
Devise
CHOISISSEZ VOTRE DEVISE
Mettre à jour la devise

Changer de devise entraînera la suppression de votre panier actuel. Cliquez sur OK pour continuer.

Pour conserver votre panier actuel, cliquez sur FERMER puis enregistrez votre panier avant de changer de devise.

- Se connecterSIGN IN TO ACCOUNT
  
  Close Side Navigation
  
  Back
  
  Créer un compte
  
  Mon ancien compte
  
  Connectez-vous à MyBuildings
- Close Side Navigation
  
  Account
  
  Mon compte
  
  Mon profil
  
  Mes commandes
  
  Mes devis
  
  Demande de retour
  
  Factures
  
  Paniers sauvés
  
  Historique de l’affaire
  
  Mes contrats
  
  Historique des ordres de service (HBS)
  
  Mon ancien compte
  
  Gérer les formations et les utilisateurs
  
  SE DÉCONNECTER
Commande en vrac

Australia's SOCI Act Boosts OT Cybersecurity Focus

19 June 2024

To help safeguard essential services crucial for citizens’ well-being and quality of life, the Australian government enacted the Security of Critical Infrastructure Act^[i] (SOCI) in 2018. The act aims to mitigate cyber threats targeting critical infrastructure assets, reducing the risk of damage or disruption.

The act originally covered four core sectors: electricity, gas, water and ports. It has since been expanded to cover assets in 11 other critical infrastructure sectors, including financial services, communications, data storage and processing, defense, food and grocery, healthcare, higher education, transport, space technology, energy, and water and sewerage.

The reality is that all critical infrastructure assets could be directly affected by a cyber incident, potentially putting a nation’s industrial security at risk. In May 2021, for example, a major oil pipeline fell victim to a ransomware attack, leading to a shutdown lasting several days that impacted consumers and businesses along the East Coast of the United States. The hack was deemed a national security threat with the U.S. Department of Transportation invoking emergency powers^[ii] in response to the attack.

Why organizations need to focus on SOCI

So, what do organizations need to know about SOCI? First and foremost, failure to comply with SOCI carries legal ramifications, along with the possibility of physical, financial and reputational damage. This means organizations with critical infrastructure need to immediately focus on making sure their operational technology (OT) cybersecurity is up to the task.

Prioritizing cybersecurity and cyber resilience is imperative for every organization and corporate board. This emphasis stems from the fact that under SOCI regulations, board members are now required to understand the consequences of a cyberattack and can even be held personally accountable for a cyber breach. Non-compliance can result in substantial civil penalties, up to AUD 55,500 for corporations and AUD 11,100 for individuals per day.^[iii]

With SOCI, if an organization becomes aware that a critical cybersecurity incident has occurred and is having a “significant impact” on the availability of an asset, it must notify the Australian Cyber Security Centre (ACSC) within 12 hours after learning of the incident. Likewise, if an organization learns that a cybersecurity incident has occurred and that incident is having a “relevant impact” on its asset, it must notify the ACSC within 72 hours after becoming aware of the incident.

OT vs IT

As OT and IT systems continue to converge, the threat of cyberattacks will increase. One important factor that all organizations need to understand is that defending OT environments from cyber incidents will require a different set of strategies and tools than are currently used to protect IT systems.

Cybersecurity measures commonly deployed to protect IT – such as patching and antivirus management, secure file transfer, end-point monitoring, threat detection and response, and network hardening—are conspicuously absent in the OT realm. People may ask why? In many cases, OT systems and networks were designed and budgeted to provide base requirements for system operation and functional reliability and not with a cybersecurity-by-design approach.

Often, there is not adequate understanding or visibility of the growing OT cybersecurity risk. Even more, there is a significant shortage of cybersecurity professionals with domain expertise in the O.T. space.

How to spot malware

The crucial question arises: How can an organization distinguish an active OT cyber threat from traditional equipment failure?

Consider an air conditioning control system. There might be a failure with the unit, such as a belt snapping on the fan motor or an issue with one of the variable speed drives or a faulty temperature sensor. How would the organization know what’s causing the issue? After all, it might not be a run-of-the-mill equipment failure but rather a piece of malware downloaded to the network that is interfering with the control system.

The reality is that it’s hard to know for sure.

Leading the charge

This is where Honeywell can help. Honeywell’s remotely connected building operations center, located and hosted in Australia, is designed to monitor end-to-end OT environments, combining OT and cyber analytics, data and alerts to help identify and resolve issues as they arise. Key features include real-time device discovery, real-time threat monitoring, and remote cyber and OT alarms. The remote service also provides automation and assists enabling a fixed reporting process to notify the government within the required 72 hours.

Honeywell can also help organizations establish a critical infrastructure risk-management program (CIRMP). This holds significance because, according to SOCI, critical infrastructure organizations are required to have already devised and executed a CIRMP. What’s more, by August 2024, organizations must be prepared to meet and comply with the cybersecurity framework identified in their CIRMP.

Honeywell’s cyber practice provides a range of professional services coupled with state-of-the-art technology designed to help identify and mitigate potential operational tech cyber risks specifically relating to people, processes and technology. This makes it possible to quantify risks associated with your OT environment and provide greater confidence of compliance to the board. Honeywell solutions can be tailored to suit any organization, starting from any level of maturity.

Unlike traditional cybersecurity geared to IT networks, Honeywell solutions are designed for the OT environment. These vendor-agnostic solutions identify threats, anomalous behavior and vulnerabilities to help organizations reduce and manage cybersecurity risks across all their sites. With Honeywell, operators of critical infrastructure can run their OT environments more securely, avoid disruptions and reduce threats to safety.

Connect with a Honeywell cybersecurity expert today to learn more.

^[i] Australian Government Department of Home Affairs, Security of Critical Infrastructure Act 2018, [Accessed April 17, 2024]

^[ii] The Guardian, US invokes emergency powers after cyber-attack on fuel pipeline, [Accessed May 1, 2024]

^[iii] Federal Register of Legislation, Security of Critical Infrastructure Act 2018, [Accessed May 17, 2024]

Contact an Expert