The Australian Energy Market Commission (AEMC) rule, which commences immediately, clarifies the role and responsibilities of the Australian Energy Market Operator (AEMO) in preparing for and responding to evolving cyber needs.
Robust and clear cyber security measures are of critical importance as the electricity system becomes more digitised, decentralised and interconnected.
AEMO has been proactively working with industry and the relevant agencies to increase cyber security resilience.
AEMC Chair Anna Collyer said embedding AEMO’s role in the National Electricity Rules (NER) provides market participants and consumers with greater certainty.
“A cyber attack on the electricity system could have far-reaching consequences that impact millions of Australians,” Collyer said.
“It is therefore essential that our rules continue to evolve to counter these threats as they become more sophisticated. Our final rule builds on existing measures to support a more strategic and coordinated approach to energy security.”
Cyber security is now explicitly established as one of AEMO’s power system security responsibilities within the rules. The final rule embeds four key cyber security functions for AEMO:
- Coordinating a National Electricity Market (NEM)-wide cyber incident response plan
- Supporting energy businesses in cyber incident preparedness
- Providing expert cyber security advice to government and industry
- Distributing critical cyber security information to market participants
Formalising AEMO’s role enables additional resourcing for it to sustain and scale up these functions.
The functions are also designed to work alongside AEMO’s emergency powers and the Australian Energy Sector Cyber Security Framework (AESCSF).
The final rule follows a rule change request from the Minister for Climate Change and Energy Chris Bowen, and has been well received by AEMO and the energy industry.
By submitting this form you agree to pv magazine using your data for the purposes of publishing your comment.
Your personal data will only be disclosed or otherwise transmitted to third parties for the purposes of spam filtering or if this is necessary for technical maintenance of the website. Any other transfer to third parties will not take place unless this is justified on the basis of applicable data protection regulations or if pv magazine is legally obliged to do so.
You may revoke this consent at any time with effect for the future, in which case your personal data will be deleted immediately. Otherwise, your data will be deleted if pv magazine has processed your request or the purpose of data storage is fulfilled.
Further information on data privacy can be found in our Data Protection Policy.