National cyber security reform across Australian’s energy sector is gaining momentum, with the Australian Energy Market Operator (AEMO) working closely with the Australian Cyber Security Centre (ACSC), to progress a range of important initiatives to uplift the sector’s awareness and response strategies to cyber threats.
In an initiative that was supported by the COAG Energy Council in December 2018, AEMO, together with the wider energy sector and governments, has embarked on a program to uplift cyber capability and maturity. AEMO has published the Australian Energy Sector Cyber Security Framework (AESCSF) and a range of resources here. A sector-wide, cross-jurisdictional working and sub-working groups (e.g. Cyber Security Industry Working Group, Readiness and Resilience Sub-Working Group ) have been established to oversee and target focus areas, and has fostered the growth of information exchanges and intelligence sharing communities.
The ACSC, in partnership with AEMO, is delivering a training and exercise program for the Energy Sector throughout 2019. Core elements of this program include the development of incident response protocols and processes, and testing through a series of exercises including a national exercise, GridEx, in late 2019.
Sector interest in GridEx has been strong, with more than 30 organisations to date registering to participate. Each jurisdiction across the country is represented, with participation by transmission and distribution networks; generation and retail companies; market generators; market bodies; and Commonwealth and State and Territory government agencies expected.
We will continue to provide updates on the broader cyber security uplift program throughout the year. In the meantime, for a deep dive into the specific cyber challenges facing the energy industry, check out our podcast with AEMO's Chief Security Officer, Tim Daly.