Program Narrative: Critical infrastructure are the facilities, supply chains, information technologies and communication networks that, if destroyed or disrupted, would cause significant harm to national security and economic wellbeing. They are the services that citizens rely on – energy, water, transport, healthcare, communications – and expect their governments to protect. But in an increasingly connected and digitised world, attacks against critical infrastructure by criminal enterprises and political adversaries are mounting. Earlier this year, a Russian-affiliated ransomware attack crippled Costa Rica’s government IT systems, effectively holding an entire nation to ransom. Australia’s policy response has evolved in recent years to address the growing threat and to expand the obligations on critical infrastructure owners and operators. This course offers a deep dive on the threats to critical infrastructure, how policymakers have responded and what we can learn from the international experience.

Learning Outcomes: By the end of the course, participants will have gained

• A deeper understanding of critical infrastructure sectors and assets in Australia, including what makes them ‘critical’ and what defines a ‘system of national significance’.

• An ability to identify and analyse different types of risk that critical infrastructure may be exposed to, and risk mitigation strategies.

• Understanding of Australia’s critical infrastructure legislation and the role of the Cyber and Infrastructure Security Centre.

• Insight to how the government is working with industry to meet regulatory obligations and protect critical infrastructure.

• Awareness of international approaches to critical infrastructure policy and security.