AGL is a large generator, distributor and retailer of energy including alternative sources. Where do you spend most of your attention?
AGL is transitioning its business, focusing on how it can deliver reliable, affordable energy to its customers and decarbonise its generation portfolio over time, and the digital agenda.
From a security perspective, this is causing a change to AGL's threat and risk landscape which we have to prepare for. My main focus at the moment is Governance, Security Awareness and improving risk management.
That is, know our risks, what we need to protect and focus the resources on those areas.
I've noted the recent Ukrainian power cyber security incidents. I'm curious what's your reaction when you hear of such events?
For organisations, the view has to be taken that it is a matter of when, not if (that a cyber incident will occur). The Ukrainian incident appears, on face value, to be Nation State driven and it will have flow-on effects as the methods used become mainstream.
This is what happened with the event in Iran a few years ago, that is, Stuxnet. It does highlight that we have to be vigilant, continually thinking not only about the basics but also trying to anticipate what could and will happen.
While the threats are increasing and evolving, we have to ensure that we become creative in understanding how we could be compromised and respond accordingly.
The CISO has to educate the Board and executive team in a way that enables understanding of the risks and that we are not able to protect/secure everything. Again, focus is key in the areas that manage the risks.
The anticipatory nature of what we do as security professionals is key. Though we don't always get it right, the opportunity to support the business proactively is immense.
Are you actively collaborating with your peers in critical infrastructures around threat intelligence both here in Australia and overseas?
This is a key area for me and I have sat on a number of industry boards in the US and Europe over the years to create a core capability within organisations. Every organisation should have an approach to Threat Intelligence, which provides not only the operational aspects but more of the broader non-technical areas which may have an impact.
In bringing this together it assists in becoming a more proactive capability within the organisation. Why Threat Intelligence for collaboration? Historically this has been viewed as a very technical space when in fact it should be a strategic driver and communication medium.
It should have a technical aspect underpinning it and must have an integrated approach for the gathering of all forms of information and dissemination inside and outside the organisation.