Cyber Security Strategy 2025-30 launched
Our first Cyber Security strategy has been released, representing a significant milestone in our cyber maturity and outlining key initiatives for the next five years.
“The launch of this strategy is a significant milestone in our cyber security maturity, and will contribute to a robust and comprehensive cyber security capability across SA Power Networks Group,” Acting Chief Digital Officer Matthew Pritchard said.
“Over the next five years, it will guide how we prepare for, manage and respond to the increasingly complex threats we face, so we can continue to protect the critical services we provide to South Australians.”
The strategy is built on the knowledge we’ve gained through years of work to understand, forecast, prepare for and manage a safe and secure electricity supply. It distils that into 12 key initiatives and the actions required to support them.
“We’re incredibly proud to release the strategy, which draws on the extensive knowledge we’ve gained over these past years from building a resilient and threat-led cyber security capability,” Head of Cyber Security and IT Resilience Nathan Morelli said.
“The strategy focuses our efforts where they're needed most by guiding our activities in a targeted way, identifying gaps and prioritising our resources.
“Ultimately, we’re operating in a constantly evolving threat landscape, which means we will continue to monitor and review our initiatives and adjust our activities accordingly.”
What’s inside
Download and read the SA Power Networks and Enerven Cyber Security Strategy 2025 - 2030
The Cyber Security strategy outlines 10 key risks we face, such as environmental compromise, critical systems failure, supply-chain failure and poor cyber culture.
These risks are addressed by 12 key initiatives (each initiative applies to one or more risk). The strategy outlines the initiatives in detail, including actions and timeline.
It also includes a roadmap for the initiatives, showing when each will be deployed over the next five years and the risks they manage.
The strategy supports our Digital and Data Strategy and extends on the Australian Energy Sector Cyber Security Framework (AESCSF) with a threat and risk-based approach to effectively address SA Power Networks’ needs.