back to article Australia launches critical infrastructure security reforms

Sysadmin-in-chief of Australia's telecommunications industry, Attorney-General George Brandis, has released plans to anoint himself in a similar role in other critical infrastructure sectors, starting with an ownership register. Australia's government has announced a consultation into its Security of Critical Infrastructure …

  1. FozzyBear

    Well if the federal and state governments would stop selling off national assets and infrastructure like it's a Saturday afternoon garage sale, the list would be easy

    1. DeKrow

      But how else do you expect them to be able to maintain their claim that they're better economic managers than "the other guys"? They gotta keep their budget in the black by selling everything, so when the cycle turns and they lose power, whoever takes up the mantle has to spend big time on infrastructure and projects to rebuild the country. That way they can keep pointing their fingers at the other guys and saying they're wasting tax payers money. WIn-Win in their eyes.

  2. Anonymous Coward
    Anonymous Coward


  3. lglethal Silver badge

    Started off sounding good, BUT....

    It started off sounding like a pretty good idea, until i read this sentence

    "...owns, operates or has access to..."

    Damn thats going to be a huge list.if it goes to the employee level. And if you dont go to that level, then there is no Point in having that Statement involved. I fail to see how that helps protect your infrastructure unless your going to be checking all of those names against various security/terrorist/no-fly lists. And if you're doing that, the privacy implications for all of those People are huge.

    Knowing who owns the various bits of infrastructure and who runs them are very good for the government to know. Maybe knowing which companies are subcontracted to work at These places could be useful (but even that seems a bit of a stretch). But knowing who has Access. A waste of everyone's time and thousands of people's privacy.

    1. Anonymous Coward
      Anonymous Coward

      Re: Started off sounding good, BUT....

      "Damn thats going to be a huge list."

      All the more convenient for those who steal (or buy) the list.

    2. Doctor Syntax Silver badge

      Re: Started off sounding good, BUT....

      "Maybe knowing which companies are subcontracted to work at These places could be useful (but even that seems a bit of a stretch). But knowing who has Access."

      The thought does occur to me that, just possibly, access, in this context, might mean companies subcontracted to work there and in particular, outsourcers. Wouldn't that be a more practical interpretation as well as being essential to the plan of holding those with control responsible for security?

    3. Nick Kew

      George, don't do that.

      Damn thats going to be a huge list.

      Precedent: the Domesday Book. How does he see himself on the history syllabus?

      1. Sir Runcible Spoon

        Re: George, don't do that.

        The list could be used to ensure that old accounts are disabled, ever think of that?

  4. Oneman2Many

    Australia has a population 1/3 of that of the UK. If they can't get a handle on the security of their key infrastructure, what chance has the UK let alone the US ?

    1. Anonymous Coward
      Anonymous Coward

      re:getting a handle on it

      Short answer: It's complicated :)

  5. allthecoolshortnamesweretaken

    Not a bad idea per se, but why is the Attorney General's department in charge? This is about infrastructure, surely there are departments that deal with that and have staff like, say, engineers who can tell a water mains from a communications backbone?

    1. Doctor Syntax Silver badge

      "Not a bad idea per se, but why is the Attorney General's department in charge?"

      I suppose that as the govt's chief law officer the AG can step in if nobody else does. The scheme has the merit of being able to ensure that everything essential is covered if the relevant departments can't be bothered or, worse, have been subject to regulatory capture.

      1. handleoclast

        What could possibly go wrong?

        So, a big list of critical infrastructure. So the gov't can identify stuff that would cause a lot of disruption if bad guys targeted any of it.

        If I were a bad guy, intent on causing disruption, how could I figure out what it would be worth my while to sabotage?

        It's a good job that seriously high-security organizations like the NSA know how to protect sensitive information, like their ultra-secret hacking tools. They'll be able to advise Australia how to keep its target list from the bad guys.

        Unless action is also taken to harden the targets on the list as they are identified it has the potential to do more harm than good. Nothing in the article suggested that was going to happen, they're going to compile the list first then later (perhaps) figure out what to do about items on the list.

        What could possibly go wrong?

        1. Anonymous Coward
          Anonymous Coward

          Re: What could possibly go wrong?

          "What could possibly go wrong?"

          Any effort to compile a list of security risks relating to CNI must go hand in hand with the effort to secure that list, before it's compiled.

          This happens in the UK & US, I assume Oz are capable of the same precautions.

  6. Anonymous Coward
    Anonymous Coward


    Make sure they install a backdoor into everything.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like