The Australian Cyber Security Centre (ACSC) has launched a nationwide program of cyber resilience and response activities for the electricity industry and for government agencies that have an energy and cyber security role.
‘The electricity industry provides an essential service for all Australians, and, like other critical infrastructure sectors, is a target for malicious cyber criminals,’ said Alastair MacGibbon, Head of the ACSC.
‘We’re inviting participation from across the electricity industry – market and power system operators, generators, storage providers, transmission and distribution network service providers, and retailers – as well as government,’ said Mr MacGibbon.
The ACSC is working closely with the Australian Energy Market Operator (AEMO) and other industry organisations across the electricity supply chain, as well as state and territory government agencies.
Information exchange and training activities
The ACSC is coordinating information exchange and training activities at the ACSC’s Joint Cyber Security Centres (JCSCs) in Adelaide, Brisbane, Canberra, Melbourne, Perth and Sydney throughout 2019.
These activities will enable technical, operational, communications and business continuity professionals from Australian-based electricity organisations to share experiences, information and techniques to better prevent, detect, respond to and recover from cyber security incidents.
Registration to participate is open throughout 2019.
National cyber security exercise for Australia’s electricity industry
‘We’re building on work already happening in the electricity industry and by government agencies to strengthen cyber security,’ said Mr MacGibbon.
‘Organisations should have cyber incident management plans in place and review them regularly to reflect changes in the organisation, operational and threat environments,’ he said.
Exercises are used to improve business processes and strengthen capabilities, and benefits include:
Validating and strengthening cyber security arrangements
Practising roles and responsibilities of teams and individuals
Examining interoperability of processes within and between organisations, sectors and jurisdictions
Increasing awareness and understanding of risks and potential consequences
Validating training and informing training requirements.
In partnership with electricity industry organisations and government agencies, the ACSC is coordinating a two-day functional exercise for Australia’s electricity industry in November 2019.
Who can participate?
The exercise is open to Australia’s electricity industry. This includes market and power system operators, generators, storage providers, transmission and distribution network service providers, and retailers.
The exercise is also open to Australian Government, and state and territory government agencies that have a role in the energy sector and cyber security.
‘Working together, Australia’s electricity industry can better prevent, detect, respond to and recover from cyber security incidents,’ said Mr MacGibbon.
What do organisations need to do?
Participating organisations are expected to plan, coordinate, conduct and evaluate their involvement in the exercise and contribute exercise learnings to inform a national exercise report.
The ACSC will provide Lead Planners from participating organisations with exercise planning documentation, as well as exercise management training and information sessions at the JCSCs from March to July 2019.
Registration to participate in the two-day functional exercise closes 31 May 2019.
Register your interest
To register your organisation’s interest to participate in the information exchange and training activities and/or the national exercise, or to seek more information, email firstname.lastname@example.org.