The Parliamentary Joint Committee on Intelligence and Security heard evidence yesterday on the second bill to protect critical infrastructure from cyber attack

And pretty much pleased university representatives were, “this has been a terrific process” Catriona Jackson from Universities Australia said. Which was not the view of witnesses from other industries, who seemed surprised they were covered.

But university lobbies have known from the start that they were included under the legislation in  its current and past forms (CMM December 1 2020, February 15, September 30 2021). They argued long and hard against the original, and are much happier with the new version, if not entirely relaxed with way the bill impacts HE. – Vicki Thomson from the Group of Eight was deep in the policy weeds yesterday as to what the legislation means by “system of national significance.”

Luke Sheehy (Australian Technology Network) summed it up, telling the committee, “we think this level of engagement is the model moving forward.”

This is why universities should be pleased to pay membership fees to their lobbies. If legislated, the original bill would have subjected all university operations, (not just the bits that need high-security) to mandatory risk management by officials  and placed institutions under “enhanced cyber security obligations.”

But their lobbies engaged with officials, presented well before the elite PJCIS, and were always on message about protecting national security without disrupting their members. The result would have been way worse without them.