Security of Critical Infrastructure Act Reporting Obligations Go Live
Slipstream Cyber
Active Defence | Consulting | Digital Forensics & Incident Response
Cyber incident reporting obligations for operators of critical infrastructure have gone live.?Operators that become aware that an incident has or is occurring must report to the ACSC within 12 hours.?Reporting a cyber incident in this timeframe might be easy in the case of a major ransomware attack, however many other attack types will take more time to properly unravel.?The point at which an organisation is actually ‘aware’ might be one that has significant operational and legal nuance to it.?The objective, of course, is to protect Australians, so there’s no point being cute about it.?That said, organisations will still need strong forensic readiness, detection and investigation capabilities to meet this objective in many cases. Slipstream’s sovereign, continuously monitored detection and response capability, hosted and operated in Australia, is an effective means of both preventing and reporting attacks for critical infrastructure. #slipstreamcyber #criticalinfrastructure #incidentreporting