Australian Government: Attorney-General's Department
Australian Government: Attorney-General's DepartmentAchieving a Just and Secure Society

Critical Infrastructure Protection

Australia’s critical infrastructure is important to our national security. Visit the National Security website to learn more about Australia’s national security arrangements.

    What is critical infrastructure?

    Critical infrastructure can mean different things to different people. To the Australian Government it means:

    those physical facilities, supply chains, information technologies and communication networks which, if destroyed, degraded or rendered unavailable for an extended period, would adversely impact on the social or economic well-being of the nation or affect Australias ability to ensure national security.

    Examples of critical infrastructure that all Australians rely on include essential services like power, water, health services, communications systems and banking.

      Who owns Australia’s critical infrastructure?

      In some parts of Australia, up to 90 per cent of critical infrastructure is privately owned, or operated on a commercial basis. Other critical infrastructure may be owned by the Australian Government or state and territory governments.

        What is critical infrastructure protection?

        A number of existing strategies, plans and procedures that deal with preventing, preparing for, responding to and recovering from disasters and emergencies come together to protect critical infrastructure. These include: law enforcement and crime prevention counter-terrorism national security and defence emergency management business continuity planning protective security e-security natural disaster planning and preparedness risk management professional networking market regulation, planning and infrastructure development, and organisational resilience.

          What is the threat to critical infrastructure?

          Natural disaster, accident, crime, equipment failure and terrorist attack are just some of the threats that could damage or destroy Australia’s critical infrastructure. The Government believes that arrangements for protecting critical infrastructure need to cover all hazards. It is therefore working with critical infrastructure owners and operators to make sure our vital services are suitably protected and, if they are damaged or destroyed, they can get up and running again quickly.

            Who is responsible for protecting critical infrastructure?

            The responsibility for protecting critical infrastructure is shared between critical infrastructure owners and operators, the Commonwealth, and state and territory governments.

              How is Australia’s critical infrastructure being protected?

              As with most businesses, those who own or run critical infrastructure know the best way to protect it and how to manage an incident. The Government believes that regulations are not the best way to protect all types of critical infrastructure. They are sometimes needed, however; for example to help Australia meet its international obligations.

                What is the national information infrastructure?

                The communication networks that Australia relies on make up the National Information Infrastructure. These include data, telephone and computer networks. Visit the E-Security page to learn more about what is being done to protect these vital systems.

                  Why is organisational resilience important?

                  Organisational resilience brings flexibility and the ability to adapt to changing environments. No organisation can anticipate every challenge and although money and resources play their part, thinking about how to face the challenges of the unexpected is the basis of good resilience planning.   Business continuity and risk management help prevent what can be prevented and protect what can be protected. Organisational resilience enables organisations to cope with what cannot be prevented or protected. A small group of TISN members has set up the TISN Resilience Community of Interest.  The group aims to help build a more resilient nation through promoting the concept of organisational resilience within the business community generally, and critical infrastructure in particular.

                  TISN Resilience Community of Interest 

                    The Trusted Information Sharing Network for Critical Infrastructure Protection

                    The Trusted Information Sharing Network for Critical Infrastructure Protection—commonly called the TISN—is one way that businesses and governments work together to protect critical infrastructure.

                      What does the TISN do?

                      The TISN is a forum where critical infrastructure owners and operators share information on security issues.

                      A diagram of the TISN

                        Who belongs to the TISN?

                        The TISN’s members include businesses, and Commonwealth, state and territory government agencies concerned with protecting critical infrastructure.

                          Infrastructure Sector groups

                          There are nine groups for different infrastructure sectors. These are: banking and finance communications emergency services energy food chain health mass gatherings transport, and water services. These groups are called Infrastructure Assurance Advisory Groups.

                          More information about the different sector groups

                            Advisory Council

                            The Critical Infrastructure Advisory Council oversees the work done by the sector groups. It is made up of delegates from each of the sector groups, state and territory governments, the National Counter-Terrorism Committee and Australian Government agencies concerned with critical infrastructure. The Council advises the Attorney-General on a national approach to critical infrastructure protection and links into Australia’s counter-terrorism arrangements.

                            Critical Infrastructure Advisory Council

                              Expert advice

                              There are two Expert Advisory Groups that give the Critical Infrastructure Advisory Council advice on special matters. They are: the IT Security Expert Advisory Group, and the CIP Futures Expert Advisory Group. Other Expert Advisory Groups are formed from time to time to consider specific issues.

                              Expert Advisory Groups

                                Communities of Interest

                                TISN has also formed communities of interest, which bring together members from different sectors to work on common issues in relation to Supervisory Control and Data Acquisition (SCADA) systems, pandemic planning and organisational resilience.  

                                  Critical Infrastructure Protection Modelling and Analysis Program

                                  The Critical Infrastructure Protection Modelling and Analysis Program shows how different parts of Australia’s critical infrastructure rely on each other. It can also show in detail what the consequences would be if a piece of critical infrastructure fails.