Login
iscover
Share this article on:
Powered by
MOMENTUM
MEDIA
Powered by MOMENTUMMEDIA
Newly adopted standards offer a clearer and more structured approach to protecting operational technology in critical infrastructure settings.
Standards Australia has announced the adoption of the national AS IEC 62443 series, a set of standards designed to protect the country’s critical infrastructure from growing cyber attacks.
This set of specialised standards was developed by the IEC/Technical Committee 65 Working Group 10 and offers a modular, role-based approach – users can pick only the parts relevant to their system life cycle and responsibilities.
The standards align with Australian regulatory requirements and offer a structured path to cyber resilience and maturity.
“Australia’s formal adoption of AS IEC 62443 standards, in combination with the Cyber Security Act 2024, signals a shift in how Australian businesses must manage cyber risk. What was once encouraged as best practice is now mandated by law, particularly for those supplying smart devices or operating in and around critical infrastructure,” Craig Searle, director, consulting and professional services (Pacific) and global leader of cyber advisory at Trustwave, said in a statement on the move.
“The scope is broader, the obligations are clearer, and the consequences for non-compliance are now much more tangible. However, this isn’t just about protecting systems; it’s about protecting people, national resilience, and economic continuity.”
According to Standards Australia, the benefits of the new standard are “wide-reaching,” including boosted economic opportunities, a reduction of operational risk by minimising lengthy outages, and maintaining social stability through the protection of essential services.
“This is a significant jump in cyber security maturity for many businesses, especially those outside traditional critical sectors. Minimum security standards are no longer optional, and the 72-hour ransomware reporting requirement sets a new benchmark for accountability,” Searle said.
“Organisations must view this as a cultural shift, where cyber security becomes a board-level priority and a core component of operational risk management, not a compliance box-ticking exercise. Those that embrace the change early will be better positioned to meet obligations, build trust, and strengthen resilience across the supply chain.”
David Hollingworth has been writing about technology for over 20 years, and has worked for a range of print and online titles in his career. He is enjoying getting to grips with cyber security, especially when it lets him talk about Lego.
Be the first to hear the latest developments in the cyber industry.
