The six faces of a critical infrastructure leader

Australia is migrating to a more data-driven critical infrastructure, creating an increasingly interconnected and interdependent economy. Disruption from the pandemic is forcing organisations to embrace new technology and ways of working. As networks and systems become more sophisticated, they also become harder to defend.

Every 32 minutes there’s a cyber-attack on Australia’s critical infrastructure.

An expanding threat environment combined with greater digitisation has brought us to a dangerous crossroad. The federal government has stepped in to strengthen Australia's resilience through significant reforms to the Security of Critical Infrastructure (SOCI) Act 2018. These require stakeholders to uplift security through a range of new due diligence, risk mitigation and governance obligations. Complying with the legislation goes further than cybersecurity, compelling organisations to consider ‘all-hazards’ in the development and execution of their risk management strategies.

So where does a leader start? How do they push beyond their comfort zone and make meaningful contributions to the planning and response efforts required to protect the critical infrastructure their organisations are responsible for?

To successfully navigate an uncertain and progressively hazardous business environment, leadership teams need to take a ‘converged approach’ to security and resilience that shares responsibility and requires leaders to grow as a collective beyond limited and siloed skills. Everyone in the team must be capable and prepared to contribute to a range of issues, understand each other’s areas of responsibility and leverage each other’s talents.

To help traverse these complexities, we’ve developed the ‘six faces’ of a critical infrastructure leader. The faces focus on the core attributes Directors and senior executives require in developing comprehensive, defensible, and effective strategies that guide their organisations through a fluid landscape of hazards and obligations. Six faces and an all hazards approach is a process that delivers sustained value and greater efficiency.

As a leader of an organisation, can you answer these questions?

1. Is your organisation prepared to meet its obligations in finding and mitigating hazards?
2. Do you feel like you have a granular picture of all your assets and how they work together?
3. Do you feel like you have a solid understanding of the risks in your supply chain?
4. Do you have a comprehensive plan for dealing with insider threats?
5. Have you ever analysed the pathways a foreign nation might use to interfere with your organisation?
6. Have you considered how your approach to risk could impact your borrowing and finance?

The six faces of a critical infrastructure leader