Loading

    Critical Infrastructure Security Conference 2025

    ​​​​​​
    Hamish Hansford speaking at the 2025 Critical Infrastructure Security Conference
    Image: Hamish Hansford, the former Deputy Secretary of the Cyber and Infrastructure Security Group​​, speaking at the 2025 Critical Infrastructure Security Conference

    The 2025 Critical Infrastructure Security Conference was held on 30 April at the Grand Hyatt Hotel in Melbourne. The theme of the conference was Risk Management in Action. More than 400 critical infrastructure owners and operators attended this flagship event hosted by the National Security Group. Attendees joined representatives from Commonwealth, state and territory government to discuss best practice risk mitigation to stay ahead of evolving threats and build capability to protect Australia's critical infrastructure.

    Hamish Hansford, the then ​Deputy Secretary of the Cyber and Infrastructure Security Group​, opened the conference. He highlighted the need to protect Australia's infrastructure and supply chains. He also stressed the value of working together across government and industry.

    The event program included panel discussions, lightning talks and presentations. Industry and government experts shared challenges, solutions and new ways to manage risk and uplift security.

    Featured topics included:

    • the importance of maintaining critical services during a severe weather event
    • the impact of space-related factors on the function and reliability of critical infrastructure, and
    • busting the myths around achieving cyber readiness

    Conference attendees also had the opportunity to learn more about the wide range of government services supporting critical infrastructure stakeholders, with staff hosting exhibition booths to showcase information, resources and insight into the various networks available to stakeholders.

    Watch the video to see highlights from the day.​


    Hamish Hansford:

    So I think since we last met, Hollywood's shown us, some of the difficult situations that we might face into the future and perhaps giving us some questions to really think about in terms of our role, about transparency, about the role that we have in the prevent mission. And particularly if you're thinking about the title of this conference about risk management, how do we start to prepare for, situations that might occur in the future?

    Michael Gatt:

    When there is a large scale outage, it's all about communications, the ability to be able to talk to people and engage, at every level of government there is huge accountability to the general public to keep the lights on or get them back on as quickly as we possibly can.

    Nerrida Graham:

    During Cyclone Alford. Energy Queensland had to deploy large numbers of our workforce to the affected areas so that we could, restore power to our communities as safely and quickly as possible.

    Anthony Morgan:

    The conversation already, this morning has demonstrated the value of industry and government coming together. It's an opportunity to share and, discuss problems that might otherwise not come to the fore, but also for, government to understand what the industry needs in terms of support to, to do the important work that they're doing to build resilience in critical infrastructure. Also for government to have the insights from industry to know how to ensure that the policy or regulatory environment, best meets the needs of industry as well.

    Monique Cornish:

    We are in the middle of a policy process, looking to enhance the cyber security of New Zealand's critical infrastructure system and we absolutely look to Australia, the rest of our C5 partners and also like minded jurisdictions like Singapore to learn from what's worked and most importantly, to learn from what maybe didn't work so well.

    Berin Lautenbach:

    So I think one of the best things about this conference is you're bringing all of the critical infrastructure players together. Now they can do two things. They can either walk away each individually going, what have I learnt here? Or as a whole sector of critical infrastructure, we can have everyone lean in and think about, right, I'm part of a bigger ecosystem. How do we work together to solve some of the cybersecurity problems that are coming?

    Sally Pfeiffer

    Our partnership with industry is fundamental in how we will protect critical infrastructure into the future. We work so closely with industry, and it's really important for us to understand what's happening in the industry, what they're seeing, how they responding, and for us to really help support, their efforts in protecting critical infrastructure and making sure that we're aware of emerging threats as well.