This bill became law on Mar 27th, 2025.
Transport & communications
Cyber attacks that affect aviation or maritime operations now fall under transport security law, and transport operators must report qualifying cyber incidents.
Transport security laws were built for terrorism, and cyber threats, COVID-19 and supply chain disruptions exposed gaps in protecting aviation and maritime operations. The bill expands the law to cover cyber incidents and broader hazards, requires operators to assess and report risks, and lets government order extra security steps.
Australia’s transport security laws were built mainly to stop terrorism and serious crime, but a 2021 independent reviewThe 2021 review that recommended a more flexible, risk-based security framework and led to these reforms. and its mid-2022 final report found they needed a more flexible, risk-based model as cyber threats and wider disruptions increasingly affected aviation and maritime operations. The government introduced the bill in November 2024 to extend the regime to cyber incidents and broader hazards, and Parliament passed it in March 2025 after the armed Avalon Airport security breach sharpened the case for stronger transport security powers.
The main criticism was not about the bill’s security goal but about how it will be implemented, with concerns that broader obligations and direction powers could create unclear rules, compliance costs and operational strain if guidance, consultation and regulator resources are inadequate. Those reservations were raised while supporting the bill, especially by Coalition speakers who backed passage but warned against disproportionate burdens on regional operators and pushed for clear regulations and transition time.
Hon Matt Thistlethwaite MP introduced this bill. It passed on the voices.
Did it become law?
Yes
Became law 27 Mar 2025
Final passage
Passed without a counted vote
Members called out ‘aye’ or ‘no’ — no individual votes were recorded.
Passage speed
119 days
From introduction to the latest recorded parliamentary step
Meaning
Cyber attacks that affect aviation or maritime operations now fall under transport security law, and transport operators must report qualifying cyber incidents.
Airlines, airports, ports and other transport operators will have to assess and manage a wider range of risks, including cyber threats, supply chain disruptions, staff risks and natural disasters.
The maritime sector will face covert security tests and broader vulnerability testingTesting that tries to expose weak points in a security system before they can be exploited. so government and industry can find weak points before they are exploited.
The Home Affairs Secretary can direct transport operators to take extra security steps when there is a known threat or when the risk from an existing threat changes.
Some low-risk vessels will face less red tape, including dual-purpose ships that will no longer need two security plans.
It amends the definition of 'unlawful interference' to capture current and emerging threats that are not bound by physical or geographical location, including cybersecurity incidents. Mandatory cybersecurity incident reporting is being introduced. This requirement will align the transport sector with other critical infrastructure sectors and ensure that Australia is meetings its international security obligations.Minister's second reading speech
It introduces an all hazards security framework that will require entities to proactively identify and mitigate risks to physical security, personnel security, cybersecurity, supply chain resilience and natural hazards. This reflects the shift away from a counterterrorism focus towards a more proactive, holistic approach to current and emerging threats.Minister's second reading speech
It will introduce vulnerability testing in the aviation and maritime sectors to allow the department to assess what security improvements need to be made to people, processes technology and legislation. Vulnerability testing will assist the department to test the limits of a system's capability to improve Australia's aviation and maritime security settings and to partner with industry to identify potential vulnerabilities.Minister's second reading speech
It will broaden and align the secretary's power across the legislative frameworks to issue a security direction where a specific or general threat of unlawful interference is made or exists or there's a change in the nature or risk of an existing threat of unlawful interference.Minister's second reading speech
Currently, Australian and foreign flagged ships that operate as both a ship and an offshore facility are required to have two security plans. The Bill removes the requirement for these ships to have an offshore security plan, meaning the MTOFSA will only require these vessels to have an approved ship security plan. This will achieve proportionate regulation for the small cohort of dual-purpose vessels and align regulation for low risk participants and relevant threat assessments.Transport Security Amendment (Security of Australia’s Transport Sector) explanatory memorandum
Context
Australia’s transport security laws were built mainly to stop terrorism and serious crime, but a 2021 independent reviewThe 2021 review that recommended a more flexible, risk-based security framework and led to these reforms. and its mid-2022 final report found they needed a more flexible, risk-based model as cyber threats and wider disruptions increasingly affected aviation and maritime operations. The government introduced the bill in November 2024 to extend the regime to cyber incidents and broader hazards, and Parliament passed it in March 2025 after the armed Avalon Airport security breach sharpened the case for stronger transport security powers.
Independent reviewThe 2021 review that recommended a more flexible, risk-based security framework and led to these reforms. of transport security settings is commissioned
The government commissioned an independent reviewThe 2021 review that recommended a more flexible, risk-based security framework and led to these reforms. of Australia’s aviation and maritime transport security settings to examine whether the existing laws were still fit for purpose.
Transport Security Amendment (Security of Australia’s Transport Sector) explanatory memorandum ↗Review report recommends a more risk-based transport security framework
The review’s final report grouped its recommendations around updating legislative and policy settings so regulation could better respond to changing threats.
Transport Security Amendment (Security of Australia’s Transport Sector) explanatory memorandum ↗Government introduces bill to expand transport security beyond terrorism risks
Ministers presented the bill as a response to current and emerging threats facing aviation and maritime sectors, including the need for stronger security and resilience settings.
Hansard ↗Avalon Airport armed security breach underscores the live risk
During debate, opposition speakers pointed to the teenager who breached Avalon Airport security and boarded a flight armed with a shotgun earlier that month as a stark reminder of transport security vulnerabilities.
Hansard ↗Parliament passes the bill
Both houses passed the bill in the same form, clearing the way for the updated transport security regime to become law.
Parliamentary timeline ↗Royal Assent makes the transport security changes law
Royal Assent turned the bill into an Act, formally enabling expanded cyber incident coverage, broader risk-management duties and new direction powers.
Parliamentary timeline ↗Legislative route
The bill was formally presented to the chamber and read a first time, which starts its parliamentary journey.
Introduced and read a first time
A minister or sponsoring member moved the second reading, opening the main debate on the bill's purpose and principles.
Second reading moved
Referred to Committee (23/01/2025): Parliamentary Joint Committee on Intelligence and Security; Committee report (07/03/2025)
Referred to committee
APH bill page notesConsidered by scrutiny committee (05/02/2025): Senate Standing Committee for the Scrutiny of Bills; Scrutiny Digest 1 of 2025
Considered by scrutiny committee
APH bill page notesThe bill reached this recorded parliamentary step.
The chamber agreed to the bill at second reading, meaning it accepted the bill in principle and allowed it to continue.
Second reading agreed to
The chamber considered amendments before the bill moved to the next stage.
Consideration in detail debate
The chamber agreed to the bill at third reading, which completed passage through that chamber.
Third reading agreed to
The bill was formally presented to the chamber and read a first time, which starts its parliamentary journey.
Introduced and read a first time
A minister or sponsoring member moved the second reading, opening the main debate on the bill's purpose and principles.
Second reading moved
The chamber agreed to the bill at second reading, meaning it accepted the bill in principle and allowed it to continue.
Second reading agreed to
The chamber agreed to the bill at third reading, which completed passage through that chamber.
Third reading agreed to
Both houses passed the bill in the same form, completing parliamentary passage.
Finally passed both Houses
The Governor-General gave Royal Assent, turning the bill into an Act.
Key criticism
The main criticism was not about the bill’s security goal but about how it will be implemented, with concerns that broader obligations and direction powers could create unclear rules, compliance costs and operational strain if guidance, consultation and regulator resources are inadequate. Those reservations were raised while supporting the bill, especially by Coalition speakers who backed passage but warned against disproportionate burdens on regional operators and pushed for clear regulations and transition time.
No party represented in the debate opposed the bill, but support came with implementation cautions.
Risk of unclear rules and under-resourced enforcement
Coalition speakers said the expanded framework needs clear regulations, proper consultation and adequate regulator resourcing, warning that otherwise operators could face uncertainty and uneven or impractical compliance expectations.
Possible disproportionate burden on regional operators
Concern was raised that the new security and risk-management requirements should not fall too heavily on regional airports, and that affected operators need consultation and enough transition time to adapt without unnecessary disruption.
Further sources
Votes
The bill passed both chambers on the voices, so there is no list of individual Aye and No votes for final passage.
House agreed to the bill's third reading on the voices, so there is no list of individual Aye and No votes for final passage in that chamber.
Passed on the voices
In a voice vote, members call out Aye or No and the presiding officer judges which side has it. Individual names are only recorded if a formal division is called.
Senate agreed to the bill's third reading on the voices, so there is no list of individual Aye and No votes for final passage in that chamber.
Passed on the voices
In a voice vote, members call out Aye or No and the presiding officer judges which side has it. Individual names are only recorded if a formal division is called.
Amendments grouped by chamber. Where APH reports aggregate counts, the package card summarizes the matching public amendment sheets by source theme.
House
Government amendments would change the bill text to lift several penalties and add requirements for the Secretary to notify the Minister after giving security directions.
Passed on the voices
The chamber agreed to this amendment package without a counted vote. APH records the agreed count by amendment, while the source documents are grouped into amendment sheets.
Parliamentary debate
Start here — lead voices
Mr Thistlethwaite supports the bill and says it will modernise transport security for current threats like cyber incidents, sabotage and foreign interference by strengthening resilience, reporting and compliance powers.
Read in Hansard ↗McCormack says the coalition supports the bill because it strengthens transport security and responds to real threats.
Read in Hansard ↗Hastie says the coalition will support the bill because it strengthens transport security against cyber, physical and supply chain threats and updates the framework to reflect current risks.
Read in Hansard ↗All speeches by bloc
2 speakers · 2 support
“The coalition supports this bill, which recognises the importance in the framework of national security, and the amendments as well.”Read the full speech in Hansard ↗
“This is why we need this bill, this is why the coalition supports this bill and this is why the coalition will always act in the national interest and take the necessary action to keep Australians safe. So we will be supporting this bill, and I commend it to the House.”Read the full speech in Hansard ↗
1 speaker · 1 support
“This bill will strengthen government's and industry's resilience to current and emerging threats, and will provide the chance for government and industry to strengthen its capabilities and partnerships. This bill reaffirms the government's commitment to Australia maintaining world-leading transport security settings.”Read the full speech in Hansard ↗
Record
House · Introduced and read a first time
Introduced
The bill was formally presented to the chamber and read a first time, which starts its parliamentary journey.
House · Second reading moved
Second reading opened
A minister or sponsoring member moved the second reading, opening the main debate on the bill's purpose and principles.
House · Second reading debate
Second reading debate
The bill reached this recorded parliamentary step.
House · Second reading agreed to
Second reading agreed
The chamber agreed to the bill at second reading, meaning it accepted the bill in principle and allowed it to continue.
House · Consideration in detail: amendments considered
Amendment packages agreed
The chamber considered amendments before the bill moved to the next stage.
House · Third reading agreed to
Third reading agreed
The chamber agreed to the bill at third reading, which completed passage through that chamber.
Senate · Introduced and read a first time
Introduced
The bill was formally presented to the chamber and read a first time, which starts its parliamentary journey.
Senate · Second reading moved
Second reading opened
A minister or sponsoring member moved the second reading, opening the main debate on the bill's purpose and principles.
Senate · Second reading agreed to
Second reading agreed
The chamber agreed to the bill at second reading, meaning it accepted the bill in principle and allowed it to continue.
Senate · Third reading agreed to
Third reading agreed
The chamber agreed to the bill at third reading, which completed passage through that chamber.
Parliament · Finally passed both Houses
Passed both houses
Both houses passed the bill in the same form, completing parliamentary passage.
Assent · Assent
Assent
The Governor-General gave Royal Assent, turning the bill into an Act.
Parliamentary Joint Committee on Intelligence and Security; Committee report (07/03/2025)
Referred to committee
Referred to Committee (23 Jan 2025): Parliamentary Joint Committee on Intelligence and Security; Committee report (7 Mar 2025)
APH bill page notesSenate Standing Committee for the Scrutiny of Bills
Considered by scrutiny committee
Considered by scrutiny committee (5 Feb 2025): Senate Standing Committee for the Scrutiny of Bills; Scrutiny Digest 1 of 2025
APH bill page notes