
Complying with:

The SOCI Act

Claroty empowers critical infrastructure organisations in Australia to more easily achieve and maintain compliance with the cybersecurity requirements set forth by the SOCI Act.

What is the SOCI Act?

The Security of Critical Infrastructure Act 2018 — otherwise known as the SOCI Act — was passed by the Australian government in July 2018 to create a mandatory cybersecurity framework for the regulation and protection of the nation's critical infrastructure sectors. The act has since undergone various reforms focused on further securing and enhancing the resilience of these sectors amid increasingly frequent and disruptive cyber threats.

Who does the SOCI Act impact?

SOCI applies to owners and operators of Australian critical infrastructure assets, known as Responsible Entities, and to businesses with a direct interest in such assets, known as Direct Interest Holders.

The act's requirements vary slightly between the two categories, which span 22 asset classes in 11 sectors: communications, data storage & processing, energy, financial services, food, healthcare, higher education & research, transport, and water & sewerage.

What are SOCI's requirements?

The requirements set forth by SOCI are called Positive Security Obligations (PSOs), and they aim to enhance risk management, resilience, and business as usual for Australia's most critical assets.

These PSOs are: 1) Register of Critical Infrastructure Assets; 2) Notification of Cybersecurity Incidents; and 3) Critical Infrastructure Risk Management Program (CIRMP). Notably, the CIRMP PSO only applies to Responsible Entities in 13 of 22 asset classes.

When will SOCI be enforced?

Two of SOCI's three PSOs — specifically, 1) Register of Critical Infrastructure Assets and 2) Notification of Cybersecurity Incidents — are currently enforced for Responsible Entities and Direct Interest Holders.

Responsible Entities have until 18 August 2024 to demonstrate their compliance with the third PSO: Critical Infrastructure Risk Management Program (CIRMP). Such entities must also submit an annual report on their CIRMP by 28 September 2024.

How does Claroty support SOCI compliance?

Claroty helps organisations comply with SOCI by extending cybersecurity controls to all cyber-physical systems (CPS) — including operational technology (OT) assets, building management systems (BMS), connected medical devices, and other critical assets in the 22 classes regulated by SOCI.

Although alignment between the Claroty Portfolio and SOCI spans all three of the act's PSOs, Claroty offers the most robust support for the third PSO: Critical Infrastructure Risk Management Program (CIRMP), which requires that CIRMPs address material risks that specific types of hazards pose to critical assets. Details about these hazards and how Claroty helps address them are as follows:

CIRMP Hazard Type 1: Cyber and Information Security

Hazard Details: Cyber and information security hazards pose cyber risks to digital systems, computers, datasets, and networks that underpin critical infrastructure. They typically entail improper access, misuse, or unauthorised control and can impair the availability, confidentiality, integrity, and/or safety of a critical asset.

Claroty Support: Claroty enhances protection against cyber and information security hazards by defining and enabling enforcement of segmentation policies that harden critical infrastructure networks, securing and tightly controlling remote and onsite access to such networks, and revealing and guiding the mitigation of cyber risks posed by unpatched vulnerabilities and other weaknesses affecting critical assets in these networks.

Claroty SRA offers live, over-the-shoulder monitoring for all remote sessions, reducing the risk of errors or malicious activity that could physically impair critical assets.

CIRMP Hazard Type 2: Physical Security

Hazard Details: Physical security hazards pose physical security risks to systems or other components essential to the availability, integrity, or safety of a critical asset. Examples include unauthorised physical access to sensitive facilities and natural disasters.

Claroty Support: Claroty helps mitigate physical security risks by providing a Secure Remote Access (SRA) solution that offers highly secure-yet-frictionless remote access to the physical facilities in which critical infrastructure assets and networks operate. Suitable for both internal employees and third parties, Claroty SRA reduces the need for personnel to be onsite to execute a range of use cases while ensuring all remote maintenance and related tasks are tightly controlled and do not expose critical assets to additional risks.

CIRMP Hazard Type 3: Personnel

Hazard Details: Personnel hazards refer to risks posed by internal or third-party personnel (such as contractors or vendors) who have the access and ability to disrupt the functioning of or to cause significant damage to a critical asset. This type of hazard is commonly referred to as the insider threat.

Claroty Support: There are two core functionalities through which Claroty's solutions help protect against insider threats and other personnel hazards. First, Claroty continuously monitors a customer's critical infrastructure network(s) for the earliest indicators of all manner of potential threats to critical assets — and these include insider threats. Second, Claroty tightly controls, monitors, and secures both onsite and remote access to critical assets for internal and third-party personnel, thereby substantially reducing the risk of intentional and unintentional insider threats and related risks.

We equip customers to understand, measure, and mitigate both internal and third-party risks.

CIRMP Hazard Type 4: Supply Chain

Hazard Details: Supply chain hazards cover the risk of disruption to supply chains to the extent that a critical asset is negatively impacted. The threat can be naturally occurring, malicious, or intended to compromise the respective critical asset. This type of hazard also encompasses risks posed by over-reliance on suppliers.

Claroty Support: Claroty helps mitigate supply chain risks by automatically correlating all critical assets against the latest common vulnerabilities and exposures (CVEs) and other cybersecurity weaknesses, continually assessing risks in critical infrastructure networks, and delivering secure-yet-frictionless remote access to these networks for internal and third-party users. As a result, customers can more effectively and efficiently assess, manage, and mitigate risk across their supply chains.

Claroty Solutions that Align with the SOCI Act

Claroty xDome

Claroty xDome is a flexible SaaS platform purpose-built for all use cases & types of CPS on the entire industrial cybersecurity journey.

Medigate by Claroty

Medigate by Claroty is a SaaS-based healthcare cybersecurity platform that safeguards the connected devices that underpin patient care.

Claroty SRA

Claroty Secure Remote Access (SRA) delivers frictionless, reliable, secure remote access for internal and third-party OT personnel.

Claroty CTD

Claroty Continuous Threat Detection (CTD) offers robust, on-premises cybersecurity controls for industrial environments.
