25 January 2017

Critical Infrastructure

Amid noise about cyberwar (a nice diversion from policy drift at the Commonwealth level) the Treasurer and Attorney-General have announced the establishment of "a dedicated centre to manage the complex and evolving national security risks to Australia's critical infrastructure".

The new Critical Infrastructure Centre within the Attorney-General's Department is promoted as
With increased privatisation, supply chain arrangements being outsourced and offshored, and the shift in our international investment profile, Australia's national critical infrastructure is more exposed than ever to sabotage, espionage and coercion.
We need to manage these risks by adopting a coordinated and strategic framework. This challenge is not something the Commonwealth can address alone.
This is why the Turnbull Government has established the Critical Infrastructure Centre, within the Attorney-General's Department, so that all levels of government, owners and operators can work together to identify and manage these risks.
The Centre will develop coordinated, whole-of-government national security risk assessments and advice to support government decision-making on investment transactions. It will also provide greater certainty and clarity to investors and industry on the types of assets that will attract national security scrutiny.
While the Centre's initial focus will be on the most critical assets in our electricity, water and ports sectors, the Government will consult with states, territories, industry and investors to consider what other assets require attention.
The Centre will also develop and maintain a critical assets register that will enable a consolidated view of critical infrastructure ownership in high risk sectors across the country. This will help to proactively manage the national security risks that can arise from operational and procurement strategies.
As a first step, the Centre will soon publicly release a discussion paper outlining the challenges we face and seeking views on additional measures that could assist.
It appears that the Centre will involve representatives from the Australian Signals Directorate, ASIO, Treasury and other Australian government agencies, consulting with state and territory governments, regulators and private asset owners.

The register of critical infrastructure assets will apparently draw on an assessment of cybersecurity and a physical assessments of assets, with the expectation that the Centre  will be able to identify vulnerable assets and measures to mitigate national security concerns in the context of sale of those assets, eg privatisation of energy grids or sale of telecommunication infrastructure to China.

The Foreign Investment Review Board (FIRB) - under the Treasurer - will retain responsibility for assessing foreign investment applications on a case by case basis, drawing on the Register in assessing applications involving critical infrastructure.

The register will apparently not be publicly available.

Establishment of the Centre will supposedly have the following key benefits -
  • federal, state and private vendors will be able identify, at an early stage, when national interest concerns are likely to arise in relation to infrastructure asset sales (given that relevant assets will be included on the register
  • foreign investors will have greater about whether national security concerns are likely to arise during the FIRB foreign investment review process, for example assisting informed decisions about whether to proceed with a bid and measures to mitigate national security concerns