PORTS Australia said more work is needed on the Security Legislation Amendment (Critical Infrastructure) Bill 2020 so it recognises the intricacies of ports.
In amending the Security of Critical Infrastructure Act 2018, the Security Legislation Amendment (Critical Infrastructure) Bill 2020 aims to enhance the existing framework for managing risks to critical infrastructure, with a particular emphasis on cyber threats.
Ports Australia this week attended a public hearing on the bill. It was chaired by Senator James Paterson, and there were a wide range of representatives from supply chain, transport and utilities sectors as witnesses.
Ports Australia said attendees shared their perspectives on how the bill could be pragmatically rethought to support how their industries operate rather than creating unnecessary red tape.
At the hearing, Ports Australia CEO Mike Gallacher said industry will support government’s work once its current weaknesses are addressed.
“We want to support this legislation, we will support it, but we want to see it work and that’s the key, we need to see it work … there is a glaring weakness in the legislation that has a real confusion to who is actually responsible for the delivery of port services and we need to get it fixed otherwise the only people who are going to take advantage of it are going to be bad people,” Mr Gallacher said.
Ports Australia said more work is needed to revise the bill so it recognises the intricacies of ports. Issues need to be addressed like who is responsible for each moving part in port operations, what defines an infrastructure asset as critical, and how we can better co-design the security requirements for these assets so they align with operations.
In short, Ports Australia is calling for:
- Clearer definitions for responsibilities of entities, especially when recognising that it should be port facility operators (stevedores for example) who are critical port assets, NOT the port operator. This also extends to critical infrastructure assets where the definition of responsibilities must be clarified (concerning assets like intermodal terminals).
- The definition of critical infrastructure assets to be clarified so we can identify which assets are captured as critical (intermodal terminals for example).
- Continued industry engagement on the co-design of security requirements which properly align with the processes of supply chain operations.
Mr Gallacher said the nature of ports and other supply-chain links demands that security is a top priority.
“That’s something our ports are vigilantly aware of and Ports Australia thanks government for their engagement to ensure the provisions in place are sustainable into the future,” Mr Gallacher said.
“Where Ports Australia was previously concerned by the proposed reforms’ lack of understanding of how our sector operates, we’re now encouraged by their appetite to sit with us and build that understanding so the reforms yield more pragmatic outcomes.
“It would be foolish to make a shopping centre like Westfields responsible for the security provisions at each and every store within their centre, just as it would be foolish to enforce the same rules on a port operator with a multitude of businesses operating within their boundaries.
“Ports Australia’s members have consulted tirelessly with us and government to ensure we get this right and we will continue until the revisions are synonymous with how our industry ticks,” Mr Gallacher said.
The bill is currently before the House of Representatives and was introduced in early Decmeber last year.
In his second reading speech on 10 December, Peter Dutton, then the minister for home affairs, said the amendment would be a significant step in the protection of critical infrastructure and essential services upon which all Australians rely.
“While owners and operators of critical infrastructure are best placed to deal with such threats, it takes a team effort to bring about positive change,” Mr Dutton said in his speech.
“That is why the ongoing security and resilience of critical infrastructure must be a shared responsibility, not only by all governments and the owners and operators of the infrastructure but indeed by all Australians. The cost of inaction is far too great to ignore.”
Mr Dutton also said the bill had been developed through extensive consultation with industry; he said more than 3000 people had been consulted and close to 350 submissions had been received on a consultation and draft legislation.
“The final bill reflects the outcomes of the consultation process and ensures we have the right balance between taking effective steps to manage security of our critical infrastructure and appropriate checks and balances. This includes mandatory industry consultation periods, reporting mechanisms and oversight by IGIS,” Mr Dutton said.
“However, this is not the end of consultation, the government is committed to continuing the conversation to ensure that the reforms are operationalised in the most appropriate and effective manner.”
The text of the bill and other related documents can be found on the Australian Parliament House website.