Home topics technology technology-security Source: Hack Capital on Unsplash Security Security How the SOCI act impacts SMEs Michael van Rooyen March 21, 2023 Securing Australia’s critical infrastructure has been a top priority for the Federal Government with the Security of Critical Infrastructure Act 2018 (SOCI Act) and its recently implemented reforms, with a broader range of businesses now covered. The most recent reforms have expanded the covered sectors from four to 11, including healthcare, medical, food and grocery, and higher education and research. Each new sector includes a number of assets, with 22 covered by the Act. These reforms also mean more small and medium businesses would have to adhere to the Act and ensure their cybersecurity posture is compliant, which means additional responsibility that may require more resources. What is the SOCI Act? The Federal Government developed the act to help secure Australia’s critical infrastructure against threats, creating a framework for regulating critical infrastructure sectors, specifically around cybersecurity. This occurred amid a period of increased cyber threats hitting Australian organisations and geopolitical tensions. Expanding the sectors from four to the current 11 gives the Act a broad coverage of sectors. Some sectors include food distribution, groceries, aviation, and the military, so it’s quite broad. In fact, some argue that it covers almost everything. The Act commenced in July 2018, with reforms implemented in 2021 and early 2022 to reflect the government’s response to the growing cyber threats and its recognition that addressing threats requires joint efforts and shared responsibility