Operational resilience

March 11, 2026

At the ASIC Annual Forum in November, the ASIO Director General Mike Burgess made something crystal clear. The threat of high-impact cyber sabotage in Australia is no longer a distant or hypothetical scenario. State-backed adversaries are actively probing Australia’s critical infrastructure, looking for opportunities to disrupt power, poison water supplies, interfere with telecommunications and destabilise financial systems. These risks are not theoretical. They are already unfolding around the world, and Australia has become a prime target.

The implications of this growing threat extend far beyond government agencies and essential service providers. Private sector organisations are now firmly in the firing line too. Concerningly, he noted that parts of the economy were vulnerable to attack, despite many companies believing that they have strong cybersecurity programs in place. Recent events across Australia and the United Kingdom have shown that even well-resourced enterprises can be blindsided by sophisticated attackers who quietly exploit unseen vulnerabilities and control weaknesses.

In this environment, relying on periodic checks or traditional security indicators simply is not enough. If organisations cannot see the full extent of their exposure, they cannot hope to defend themselves against it.

A Shifting Threat Landscape

Recent high-profile attacks in the UK demonstrate just how quickly a cyber incident can escalate into a national problem. Disruptions at major retailers and manufacturers triggered operational shutdowns, supplier impacts and financial losses running into the billions. In one case, the damage was so severe that it contributed to a measurable drop in the UK’s quarterly GDP.

This is the new reality. Adversaries are no longer limiting their attention to public sector infrastructure. They are targeting private enterprises, supply chains and commercial operations to create maximum disruption. The goal is not always data theft. Increasingly, it is sabotage, destabilisation and economic advantage.

ASIO’s assessment of Australia’s cyber fragility mirrors the concerns raised by UK authorities. Both warn of a widening gap between the escalating sophistication of cyber threats and the current ability of organisations to defend against them. In both markets, the underlying message is the same. The threat is well understood, the vulnerabilities are visible and the risks are manageable. But only if leaders take action now.

Complexity is not an excuse

One of Burgess’s most powerful observations was simple. Complexity is not an excuse. If risks are foreseeable and vulnerabilities are knowable, then failing to act is a strategic oversight.

This message should resonate across boardrooms, because many organisations still treat cyber risk management as a compliance requirement rather than a routine component of operational resilience. They rely on historic assurances, legacy reports or gut-feel assessments. They assume that silence means safety. Unfortunately, silence is often the gap where adversaries quietly operate to exploit weaknesses.

To build true cyber resilience, organisations need three pillars of understanding.

  1. Clear visibility of what is valuable. This includes data, intellectual property, operational systems and supply chain dependencies.
  2. Insight into what is vulnerable. Not once a year, but continuously. Threats evolve quickly, and so do internal weaknesses.
  3. Reliable mitigation and oversight. This requires more than basic controls. It demands ongoing intelligence, data-driven validation and measurable risk reporting.

Without these elements, leaders cannot form an accurate picture of their threat exposure. And without visibility, there is no resilience.

Operational Resilience depends on timely intelligence

The modern enterprise is deeply interconnected. A single attack can cascade through suppliers, partners and critical functions within hours. The attacks seen in the UK proved just how widespread and long-lasting the impact of a single breach can be. Production halted. Employees were sent home. Supply chains faltered. Costs climbed into the billions.

What many organisations fail to recognise is that the true cost of cyber sabotage is rarely isolated or immediate. Disruption compounds across operations, customers and supply networks. Recovery takes time. Reputation suffers. Regulators take interest.

Most importantly, threats often sit inside networks long before activation. Attackers study internal systems, map vulnerabilities and wait for the moment when their actions will cause maximum disruption.

Resilience requires more than defence. It requires intelligence. It requires the ability to detect, measure and respond to changes in threat exposure with speed and accuracy.

Building real cyber resilience

Effective cyber risk management is not a one-off initiative. It is an ongoing process that adapts as threats evolve. The organisations that withstand attacks are those that have built systems and practices founded on timely, data-driven insights and lessons learned.

To strengthen resilience, organisations must:

  • Invest in robust and adaptable cybersecurity controls
  • Improve visibility across all stages of potential attack activity
  • Implement intelligence driven monitoring and measurement
  • Provide accurate, actionable reporting to boards and stakeholders
  • Maintain the agility to respond when threat exposure changes

This approach ensures organisations are not blindsided by vulnerabilities they did not know existed.

The path forward

Australia is facing a critical moment. Cyber sabotage is a real and dynamic risk. The vulnerabilities are known. The consequences are severe. Adversaries are currently exploiting its complexity. But with the right risk management practices, effective cybersecurity protection is achievable.

Leaders must recognise that cyber resilience is not simply a technical responsibility. It is an ongoing business continuity requirement. It protects your organisation’s reputation, financial stability, operational capability and future competitiveness.

Now is the time for decision makers to take these warnings seriously and act. The organisations that invest in continuous visibility, reliable controls and intelligence driven risk management will be the ones best able to withstand the challenges ahead.

Huntsman is committed to supporting that journey by equipping organisations with the ongoing insights and actionable intelligence needed to stay resilient in an increasingly hostile digital world.
