• Skip to primary navigation
  • Skip to main content
  • Skip to footer
Logo of Agilient Security Consultants, Australia

Agilient Security Consultants Australia

Cybersecurity & Risk Management Specialists

Menu
  • Home
  • Industries
      • Aviation
      • Defence & Defence Industry
      • Government
      • Health & Hospitals
      • Corrections and Detention
      • Maritime
      • Aged Care Facilities
      • Mining, Oil & Gas
      • Public Venues & Events
      • Rail
      • Research and Education Industry
      • Telecommunications
      • Utilities
    • advice-colleagues-communication-newIndustries
  • Services
      • Cybersecurity
      • Protective Security
      • Business Resilience
      • Building Security Consultants
      • Security Audits
      • Pandemic Planning
      • Electronic Security
      • IT Disaster Recovery Plan
      • Security Consultants
      • CCTV and Security Cameras
      • Duress Alarms
      • Security Risk Assessment Consultants
      • Managed Security Service Provider
      • Protection against Vehicles as a Weapon
    • training-1Services
  • Solutions
    • banner-menuUnisys Solutions
    • CTO-Blog-110619-Header-GraphicLookingGlass Solutions
    • menu-bg-2Dell Technologies (RSA) Solutions
    • Sightline-Visualization-menuSightline Solutions
  • Resources
    • menumanagers-dealing-customer-agreTraining
    • working-together-newJoin The Tribe
    • Webinars_3-1.jpgUpcoming and Past Events
    • hacking-detected-shutterstock_newResources
  • Articles
  • About
    • About Us
      We are an Australian owned and operated security company specialising in risk, cybersecurity, protective security, crisis and business continuity management services.
    • frequently-asked-questions-smallFAQ’s
    • bg-menu-government-institutionsConsultant Registration
  • Contact Us
Contact Us

The Growing Cyber Threat and the Electricity Sector

You are here: Home / General / The Growing Cyber Threat and the Electricity Sector

Across the globe, countries are transforming their critical infrastructure industries, as the physical and digital worlds continue to converge at an astonishing rate. At the same time, global cyber threats are becoming increasingly sophisticated, with threat actors developing an eye for bigger and bigger targets. In this context, several experts have pointed out that Australia’s electricity sector is concerningly unprepared for a cyber-attack.

The electricity market is part of Australia’s critical infrastructure, designated as an asset that is vital for the functioning of our economy and society. Essentially, an unsafe and unsecure electricity market would have unprecedented and far-reaching consequences for the entire country’s social and economic wellbeing. Unfortunately, as the Australian Energy Market Operator (AEMO) puts it, “the maintenance of the security of the power system against malicious cyber-attacks is a vexing and growing reality of our times”.

There is no doubt that the cyber threat among the electricity industry, and many other industries for that matter, is severe and intensifying. Rachel Noble, head of the Australian Cyber Security Centre explains that “the scale and impact of malicious cyber activity, by those seeking to harm or disrupt Australians, is increasing”. Specifically, Australia is home to one of the longest single electricity grids – spanning over 5,000 kilometres from Port Douglas to Tasmania – that delivers power to the majority of the country. On top of this, Australia is one of the biggest energy exporters in the world, and holds the unfortunate record of being one of the first nations to experience a cyber-attack on critical infrastructure after the Maroochydore sewage system attack in 2000.

In this context, the “opportunity to conduct a high-impact attack is significant”, Accenture explains. In a 2018 report, consulting firm Accenture confirmed that studies indicated a “very high chance that a targeted attack against a major Australian critical infrastructure operator will inevitably have a significant impact and could occur at any time”. Unfortunately, the report yet again found that the industry was “unfamiliar with the threat environment, understaffed to meet the challenge and underprepared to respond”.

Dr Alan Finkel, Australia’s Chief Scientist, conducted a review in June 2017 into the Future Security of the National Electricity Market. In his review, Dr Finkel explains that, as Australia braces for the massive industrial and technological changes facing our electricity system, we must focus on being well-prepared to ensure security, reliability and affordability. He went on to suggest that “Australia has a once-in-a-generation opportunity to reshape our electricity system for the future”, making a series of recommendations aimed at improving the industry’s currently lacklustre cybersecurity policies and attitude.

In 2018, the Security of Critical Infrastructure Act 2018 was passed with the aim to “manage the complex and evolving national security risks of sabotage, espionage and coercion posed by foreign involvement in Australia’s critical infrastructure”. By 2018 the first annual report from the AEMO was released, and there was hope that significant improvement must have been made. However, this was not the case. Indeed, the AEMO “completed a stocktake and concluded that the current provisions in the national energy regulatory framework are inadequate to address cyber security risk to the National Electricity Market”.

Then in late 2018, in response to AEMO’s insistence on improved security maturity, the organisation teamed up with the Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) to develop a nationwide program of cybersecurity resilience and response activities for the electricity industry, actively working with both energy sector organisations and government agencies.  Throughout 2019 the program engaged with 100 participants from 50 industry partners and government agencies, including through “cyber security incident response and exercise training, information exchange sessions on operational technology systems, and presentations on government cyber security arrangements, red teaming and industry uplift programs”.

The significant cooperation, coordination and response to this evolving threat from within the industry is notable, and only time will tell if the industry will continue to address these problems effectively. Either way, the concerted response is unfortunately uncommon. Many organisations fail to prepare, invariably choosing to be reactive rather than proactive when it comes to the cyber threat, and simply not understanding the value that comes from effective cybersecurity integration. On the other end of the spectrum are the organisations that have paid attention to cybersecurity and acted accordingly, only to forget their responsibility to continuously revise and evolve their strategies. The task of cybersecurity is daunting and endless. Fortunately, this is where experts such as Agilient come in – we work closely with our clients to understand, prioritise and manage their cybersecurity needs in order to address the issues of today, while also preparing them for the challenges of tomorrow. Contact us today to find out how we can help you improve your cybersecurity practices.

Author: Elsa Chapple

 

Tweet
Share

General,  Security News cyber attack,  cyber security,  cyber threat,  cybersecurity,  electricity industry,  electricity sector,  Government agencies,  industry

Looking for a security partner? Get in touch with Agilient.

Looking for practical and cost-effective security and risk solutions for your government department, agency or company? Speak with Australia’s leading senior security, risk and resilience experts.


Looking for a pandemic planning partner? Get in touch with Agilient.

Looking for practical and cost-effective risk management solutions for your government department, agency or company? Speak with Australia’s leading senior risk and emergency management experts.



Footer

Agilient is a proud member of

Ai Group Defence Council
Australian Industry & Defence Network
Australian Security Industry Association
Sydney Aerospace & Defence Interest Group

Company and Licensing Details:

ABN: 37 157 911 441
NSW Security Master Licence # 410783087
ACT Security Master Licence # 17502184
Vic Security Registration # 878-460-40S
Qld Security Firm Licence # 3834422

Join The Tribe

Sign up to receive our regular Agilient newsletter including the latest security, risk and resilience updates

Sign up now

Copyright © 2022 Agilient – Level 14, 275 Alfred St, North Sydney NSW 2060 Australia – 1300 341 692