The role of CCTV and compliance with the SOCI Act
Local councils play a vital role in providing essential services such as water supply and sewerage management, and ensuring the security and resilience is not just a matter of good practice—it’s a legal obligation. The Security of Critical Infrastructure (SOCI) Act 2018 mandates that service providers submit risk management program reports by September 2024, outlining how they identify and mitigate risks to their assets from sabotage, espionage, coercion, or foreign interference.
The power of CCTV
One of the most effective tools local councils can leverage to enhance security and compliance is Closed-Circuit Television (CCTV). Here’s how CCTV systems contribute to safeguarding critical infrastructure:
- Physical threats: CCTV monitors and protects infrastructure from physical threats such as vandalism, theft, and trespassing. By providing real-time surveillance, it acts as a deterrent and helps prevent incidents.
- Cyber threats: Beyond physical security, CCTV also guards against cyber threats. It helps detect hacking attempts, malware, and unauthorised access. Properly secured CCTV systems contribute to overall cyber resilience.
- Incident evidence: When incidents occur, CCTV footage becomes invaluable evidence. Whether it’s a breach, theft, or other security event, having visual records aids investigations and supports compliance reporting.
Not all CCTV systems are equal
However, not all CCTV systems are created equal. To meet the stringent cybersecurity standards set by the Australian Signals Directorate (ASD), local councils must adhere to best practices:
- Data encryption: CCTV data should be encrypted both in transit and at rest.
- Access control: Secure access and authentication mechanisms are crucial.
- Regular updates: Keeping software and firmware up to date prevents vulnerabilities.
- Anomaly monitoring: Continuous monitoring helps detect unusual behaviour.
Navigating the SOCI Act
Understanding the SOCI Act and its reporting requirements is essential. The Critical Infrastructure Centre (CIC) oversees the Act and provides guidance to infrastructure owners and operators. However, given the Act’s relative novelty and complexity, many local councils may find compliance challenging.
Collaborate and learn
Local councils can benefit from collaboration with other organisations subject to the SOCI Act. Utilities, transport providers, and telecommunications companies face similar obligations. By sharing experiences and insights, councils can learn from each other, avoid pitfalls, and streamline reporting processes.
GRC specialists: Your allies
Governance, risk, and compliance (GRC) specialists bring real-world expertise. They can help local councils digitise audit and reporting workflows using customised templates and platforms. This approach saves time, improves accuracy, and enhances visibility.
Conclusion: Turning CCTV into impactful tools
In summary, CCTV goes beyond surveillance and should be treated as a strategic asset for local councils. By ensuring cyber-secure CCTV solutions and understanding SOCI Act requirements, councils can meet their obligations and enhance community security. Collaborating with peers and seeking GRC specialists’ assistance will help overcome challenges and turn CCTV into a valuable tool for safeguarding critical services.
