The federal government will provide $42.4 million to the Department of Home Affairs to secure critical infrastructure assets and help owners and operators respond to major cyber attacks.

The funding, revealed in the budget earlier this month, comes ahead of the introduction of the Security Legislation Amendment (Critical Infrastructure) Bill 2020, which is currently before parliament.

If passed, the bill will enable Australia's cyber spooks to direct operators of systems of national significance to undertake prescribed activities such as vulnerability assessments and cyber security exercises.

In exception circumstances, the legislation will also allow the government to intervene in a cyber incident that is deemed particularly serious.

Budget papers reveal the funding – to be provided over two years – will be used to “improve security arrangements for critical assets”, including those deemed systems of national significance.

It will also be used to “assist critical infrastructure owners and operators to respond to significant cyber attacks”, though it is not clear if the private sector will receive any of the funding.

Companies that will come under the scope of the new laws, including Qantas and AGL Energy, have previously asked the government to at least partially cover the cost of compliance.

While no breakdown of the funding is provided, the bulk of the money falls in 2021-22 ($23.9 million).

Cyber hubs

The government has also revealed the cost of its three whole-of-government ‘cyber hub’ pilots that will centralise the “delivery of cyber capabilities and services for government agencies”.

The hubs, which were revealed late last month, will be positioned in some of Canberra’s largest IT shops, namely the Department of Defence, Department of Home Affairs and Services Australia.

Budget papers reveal $18.8 million in funding in 2021-22, some of which will be “partially met from within the existing resources" of Defence, Services Australia and the Australian Signals Directorate.