New centre to address critical infrastructure security

Companies owning Australia’s critical infrastructure have joined forces to establish a new non-profit on the Sunshine Coast dedicated to sharing information on security threats.

The Critical Infrastructure Information Sharing and Analysis Centre (CI-ISAC) has been established to provide a mechanism for the national collective defence of sovereign critical infrastructure.

CI-ISAC is now inviting membership from a range of critical infrastructure sectors, including energy, communications, financial services, education, transport and government.

Membership will be open to each of the 11 sectors covered by the Australian Government’s Security of Critical Infrastructure Act 2018, which covers around 11,000 entities across the nation. CI-ISAC now has lead members spanning seven of these sectors, and is in the process of securing leads for the final five, which cover Defence, finance, food and grocery, water and space.

CI-ISAC co-founder Scott Flower PhD said the centre will take a cross-sectoral approach to information sharing, and will act as a platform to share intelligence on preparing for and defeating cyber attacks on its members.

“The strength of the CI-ISAC model comes through the knowledge that cybercriminals often use the same techniques to not only target organisations within a specific industry sector, but across other sectors,” he said.

“Membership in CI-ISAC provides organisations with the opportunity to participate in what will become Australia’s largest network for sharing intelligence on threats and collectively building cyber tools to defend our national interests.”

Flower said the Sunshine Coast was selected as the location for the new centre because it has the required infrastructure, the fastest fibre connection to Asia, and data centres with Australian Cyber Security Centre (ACSC) and NSA security clearance.

It will also cater to all levels of government, and in phase two will be expanded to cover material suppliers to critical infrastructure, including managed service providers.

Image credit: iStock.com/jamesteohart