31 minute read
Cybersecurity | panel discussion
L–R: Richard Watson, Lisa Tobin, Rachel Noble PSM, Mike Mrdak AO and Berin Lautenbach
Cybersecurity
Key points:
• As the use of technology grows and interconnectivity increases, cybersecurity risks are emerging for the infrastructure sector. • Cybersecurity involves the confidentiality, availability and integrity of an organisation’s data. • Cybersecurity should be considered when building new assets and services, as retrofitting is complex and costly.
Panellists:
► Berin Lautenbach, Chief Information Security
Officer Asia Pacific, Telstra ► Mike Mrdak AO, Secretary of the Department of Communications and Arts ► Rachel Noble PSM, Head of the Australian
Cyber Security Centre, Australian Signals
Directorate ► Lisa Tobin, Group Executive Technology,
Transurban
Moderator:
► Richard Watson, Lead Partner APAC Cybersecurity Risk Advisory, EY Richard Watson (RW): Welcome, panellists. I’m sure all of you would agree that, at both a personal and organisational level, we’ve got a strong interest in cybersecurity. As new technologies and greater connectivity begin to change the way that infrastructure assets and services are managed, it creates great opportunity, but also great risk.
We hear frequently about the endless data coming out of our ears, and while that is an opportunity, there are concerns around privacy. As the line between information technology and operational technology begins to blur, major infrastructure is increasingly connected to, and controlled by, the internet.
One could argue that we have a little bit of catching up to do on the topic of cybersecurity. So, let’s discuss this now, and perhaps I’ll start by asking each of you to spend one minute
talking about what cybersecurity means to you and to your organisation. Lisa, let’s start with you.
Lisa Tobin (LT): Essentially, cybersecurity is an intrinsic part of how we operate our business now, and it is increasingly becoming the mode of operation for all companies. It’s no longer something that just the tech guys worry about in the backroom. It’s how we go to market. It’s how we plan our services. It’s how we make sure that our roads are safe every day. It’s how we make sure that the private data of eight million customers is kept protected. And it’s how we make sure that the people taking the one-and-a-half million trips on our roads every day can rely on the information that’s given to them so they can arrive safely at their destination. It really is blended across every part of the operations across our business.
RW: Rachel, what’s your perspective?
Rachel Noble (RN): I head up the Australian Cyber Security Centre, which is part of the Federal Government. My organisation sits within the Australian Signals Directorate, which is charged with generating foreign signals intelligence. This means that we collect intelligence against other countries. The Cyber Security Centre has the mission to understand how to defend Australia, our private sector, government and individuals alike from people like us. Essentially, we are both the poacher and the gamekeeper in that regard. So, cybersecurity is a huge part of our lives within the Federal Government. I think I’ll have some opportunity a bit later to tell you about the scale of the issue. But to give you a teaser about just how serious this issue is: we opened a new portal for people to report cyber incidents on 1 July 2019. The portal has only been open for a few months, and we now get one report every 10 minutes.
RW: Interesting. We’ll look forward to hearing more about that. Mike, perhaps you could share your perspective?
Mike Mrdak AO (MM): It is crucial to understand just how much digital connectivity now underpins our activities, both personally and, importantly, as a business. You’ve got to remember that less than 20 years ago, about 15 to 18 per cent of Australian businesses were on the internet. Today, 96 per cent of Australian businesses are on the internet, and a large portion of our transactions are now taking place in a digital environment. About half of our gross domestic product is now underpinned by digital technology; however, what the internet also brings, as both Lisa and Rachel pointed out, are vulnerabilities, and that’s taken us some time to understand.
There are three crucial things that we’re going to have to think about for all of our businesses. Firstly, how do you protect the integrity of your data? Secondly, how do you protect the availability of your infrastructure in an environment where you depend on digital connectivity and the vulnerabilities that come with it? And thirdly, how do you ensure that your data is accurate and is not being manipulated by others? So, confidentiality,
Rachel Noble PSM
L–R: Richard Watson, Lisa Tobin, Rachel Noble PSM, Mike Mrdak AO and Berin Lautenbach
availability and integrity are the three key elements that are going to be critical drivers if business is going to survive in a digital environment.
RW: I couldn’t agree more. Berin, perhaps you’ve got a point of view from Telstra?
Berin Lautenbach (BL): I’m not sure I can add much to what’s already been said. The other panellists have given us a nice definition. For me, it’s really simple. We have – to Mike’s point – this huge reliance on technology, systems and data, and there are all sorts of bad things that can be done to businesses and people through the technology and data that those people rely on. My job is to try and make sure that those bad things don’t happen. It’s nice and simple for me.
RW: Rachel, that’s your job, too, but with a national mindset. Perhaps you can share with us where threats are coming from. Is it other countries? Criminals? Activists? What are the risks that are out there?
RN: It’s all of those, and that’s the challenge. I think that for critical infrastructure, probably the greatest threat is from foreign governments. They are well-resourced, highly motivated, and very persistent and patient about getting access to the information that you have. They’re motivated by political gain, economic gain and competitive gain, and, during a time of conflict, they can also pre-position themselves to be able to seriously disrupt the proper functioning of our country and our infrastructure in a way that might create chaos and challenges for us. So, foreign governments are very much at the high end.
Unfortunately, though, there are other actors – there’s a lot to be gained for criminals in getting access to data and information, and we see them do it at all levels. [It ranges from] criminals [who] may work to steal credit card numbers to sell on the dark web, all the way through to more sophisticated sorts of operations.
Cybercriminals are primarily motivated to make money – just like regular criminals usually are – and they will snatch and grab, just like in real life. The thief will grab your handbag of data, take that handbag away, and then sift through it later and work out if there’s anything useful in there that they can sell or make money out of.
There are, of course, also issues of motivated groups, extremists, and even terrorists who will be trying to create disruptions in a way that draws attention to their issue or the message they want to sell, as well as just doing damage and harm.
There is a lot you can do to deal with these threats, and our job is to give folks a lot of advice about different risks and strategies.
The best strategy is to heighten the barriers to entry for these actors to make it harder for them to get into your networks. Also, be thoughtful about the data and information that you most need to protect. In the same way that companies would think about their businesses from a risk-management point of view, they should also make sure that they have the proper controls and investment to protect the crown jewels.
RW: Lisa, it might be useful to turn to you now, with your commercial hat on. It seems to me that the threat in the critical national infrastructure space is ever-increasing. We’re also starting to see regulation introduced, which would suggest the same. How real are the risks, from your perspective, in the critical national infrastructure sector?
LT: It was a great set-up by Rachel. The threats are very real. It is technically and definitively an operational risk for our business. It sits high on our risk register, which means that it is monitored 24/7. It means that it’s reported to our board frequently. All of this also means that we take a normal risk framework. It’s something that needs to be monitored constantly, because the environment is changing. It’s something that we need to look to mitigate with tools, people and process. It’s something that we need to practise and prepare for, because most companies take the view that it’s about when, not if, an intrusion will happen. So, we spend a lot of time focusing on desk exercises, planning run sheets, and working out how we will respond and adapt when an intrusion happens. That includes working with state governments and doing joint exercises. So, it’s really about making sure that we have a network or a mesh of protections, not just within our own company, but beyond. We’re monitoring, we’re preparing and we’re also putting a significant amount of our technology investment into making sure that we’re constantly updating our tools – everything from the boring things about patching, to our new tools, new partners and new filtering systems – to make sure that we are aware of what’s going on in the environment.
So, to explain a little bit about what cybersecurity means practically. Firstly, I think Rachel did a great job in explaining why it’s so real for us, because there’s enormous financial advantage and enormous informational power to be gained. Our company’s a little bit of a hybrid, not just pure infrastructure, but as I mentioned before, we have eight million customers. We discussed earlier the merger between corporate IT and operational technology, and we’ve had to face up to that, and we’ve been working on that merge for a number of years.
We run what’s called a CSOC – that’s a cybersecurity operations centre. So, we have a group of people and tools to make sure we’re monitoring our cybersecurity. We also partner with a global security player and leverage its 24/7 global CSOC to make sure that we understand threats that might be emerging but may not have hit us yet, and that we understand what’s going on in the broader market. We’ve seen a rising incidence of attempted and successful intrusions into the infrastructure space. To give you an idea of what that means, in the last year, we flagged more than 180 billion events as issues that we needed to understand. Our intrusion monitoring systems, as well as our filtering and alerting systems, cut that 180 billion down to 11,000. Those 11,000 potential events went to an analyst who then worked with our security partners to work out what happened, or what the potential risk was. One thousand of those ended up as incidents where we needed to take some action, whether that was more patching, a different solution, engagement with our upstream/downstream partners, advice to our customers or protection of our staff. Those activities are going on all the time.
And why do we do that? We do that because we have 30 kilometres of tunnels, 110 kilometres of open managed motorway, and more than 100,000 pieces of technology on those assets. We also have 18 safety systems, control systems, and systems to make sure we know where someone is and how we can keep them safe on the roads. So, from my point of view, every one of those pieces of technology is a potential intrusion point. It’s a full-time, 24/7 effort to make that work.
RW: You did a really nice job there of explaining how this concept of big data and data analytics can be applied to turning 180 billion events into 1000 actionable items. And that’s a trend in cybersecurity these days.
Berin, thinking about the different groups of people we have in this room, in the infrastructure ecosystem, including government and systems operators, what are the possible consequences facing us if we don’t get cybersecurity right?
BL: Well, where to start? The first thing I’ll say is, my predecessor, Mike Burgess, who now runs the Australian Signals Directorate, used to say, ‘There’s nothing new under the sun when it comes to cyber’. Everything that you can do in cyber has come from the real world. Crime, espionage, damage – all of those kinds of things. And it’s actually quite simple in terms of what damage can be done. Just look at history, at the things people have done to each other. And there’s probably
a way to do that in the cyber world now. The problem is that people haven’t realised just how possible it is.
If I look at my industry not just as the telco industry but more broadly as cyber, we, as an industry, very much focus on data and whether we have secured the data properly. We look at whether there is any risk of data leakage, and all those kinds of things. And don’t get me wrong, that’s terribly important, but the world is moving very fast into physical, real-world impacts from cyber going wrong. The infrastructure sector sees it possibly more than most. There are all those nightmare scenarios we all talk about; for example, imagine if the power grid got hacked. Not that long ago, that was something we thought you might read about only in a science fiction novel, and now you look at it and think, I can see how that could happen. And what’s the potential impact of that? Use your imagination.
But it’s then very easy to wrap yourself around the axle of, ‘Oh my God, this is so complicated. There are all these things I have to do. There are all these things I have to worry about. What am I going to do? What do I start thinking about?’ Actually, you just reverse it and you ask exactly that question. What are the things I’m most worried about, and what am I going to do about them?
If I’m very worried about the availability of data, then I back it up. If I’m really worried about the integrity of my data, I can put in mechanisms to do ongoing integrity checks. These strategies aren’t too hard, as long as you think about it at that top level and you don’t get yourself all wrapped up around the absolute complexity underneath. But the world’s your oyster in terms of the potential damage that could be done; and the more we interconnect, and the more we build technology around the things we do, the more reliant we become on technology, and the worse the damage can become. So, it’s really important that people start thinking about this in their businesses.
RW: Mike, maybe it’s an opportunity for you to comment on how the government sees the risks, and what its response would be? How do we evolve in the face of this changing landscape?
MM: Well, there are a number of issues relevant to those scenarios. One of the first is the importance of the customer, and giving them greater access to services through the digital world. Giving consumers greater access to the digital world carries risks and, just as we’re giving consumers much more power, we’re also creating a larger number of intrusion points for those who have less-than-honourable intentions. Often in government, we’ve had a long view of saying, ‘Well, we want to provide more services and more access to data, and we’re requiring a business to do that much more’, and often we haven’t thought through the implications of how you put in place appropriate protections.
There are three areas that are at the forefront for government. One is that we are looking hard at the physical environment. How do you harden the people supplying and involved in the physical environment? Cybersecurity risks are often a shock. I remember the shock when we all discovered that, as we put a lot of our information on the net, criminals and foreign governments could find the plans to a large number of our establishments. I remember when the U.S. Department of Defense suddenly discovered that Google Earth enabled people to watch military bases. And these sorts of revelations took some time to work through in government. So, it’s important to harden attitudes about what matters, what’s important and who you allow into your system. It’s also crucial to recognise that the next stage of the digital age is seeing much more mobile technology, which is pushing processing out much further. This, in turn, means that it’s harder to know what’s happening in your system, which creates data integrity issues.
The second area is having systems implemented to detect intrusions, so initiatives like the reporting system described by Rachel are very important for us to learn the lessons of who’s trying to get in, and how.
The third area is around the issue of recovery, which is something Transurban or Telstra and others have to plan. When you’ve got half of the economy underpinned by digital technology and a system goes down, it doesn’t take long before a business and its customers start suffering real costs of downtime. There is no tolerance anymore for the services not being available, whether it’s government or the private sector. Many of us in the room, who are probably of my generation, would remember when there were brownouts in the electricity system, and we took that as a matter of fact. The tolerance of the system going down today is almost negligible, and the cost is much higher than ever before.
These are real issues for government, boards and management teams. Reporting of what’s happening inside the system has to be a core part of your business management,
L–R: Richard Watson, Lisa Tobin, Rachel Noble PSM, Mike Mrdak AO and Berin Lautenbach
and is essential for critical infrastructure and the economy to continue to operate.
RW: Yes. It doesn’t go too far to say that a lot of cybersecurity has historically been focused on the confidentiality piece. But now, availability is becoming more of a focus because of the high degrees of connectivity – particularly in this sector.
Now, Lisa, you’re the Group Executive of Technology at Transurban, and technology has a lot of benefits to bring – but how do you balance the benefits of technology with the risks that it brings?
LT: Carefully and from the initial design. When we start to consider a new technology solution – and we are constantly changing our technology solutions – part of our thinking, our planning, is on how we build security. It’s about how you can build security principles into whatever code you’re developing. If we’re engaging with partners, we have a very forensic approach and process to understand what their controls are, and how they work. And to Berin’s point, we have a look at what could happen. What are the scenarios? How do we prepare, test and plan for someone wanting to misuse our service? What could go wrong? It’s about all those practical things that we do when taking any new product or service to market.
BL: One of the things that’s nice about the approach that Lisa described is that when you consider security as a part of building a system or an application, or whatever it is you’re building, and you think about it before you start the build and you bake all of that stuff in, it’s not hard. When you’ve built it all, and it’s all sitting there, and you go, ‘Ooh. Ooh, this could be broken into and this could cause all sorts of damage if that happens’, that is really hard to retrofit things into.
LT: And very expensive.
BL: And very expensive. That’s where Lisa is coming from when she describes considering cybersecurity as a part of the build.
RW: So, don’t leave the cybersecurity considerations until the end; think about them the whole way through. Rachel, there are different parts of government that are involved in cybersecurity, such as the Critical Infrastructure Centre and the Foreign Investment Review Board. Perhaps not everyone is familiar with the roles that these organisations play. Would you be able to share with us the scope of these organisations, and the importance they play with national security?
RN: The main message to this audience is that if you’re thinking about selling an asset to a foreign buyer, the Department of Treasury is probably your first port of call. Those transactions take place under the Foreign Acquisitions and Takeover Act. The Foreign Investment Review Board, or the FIRB as people know it, is a group of government and non-government members who will ultimately provide advice to the Treasurer, who is responsible for making decisions about foreign investment in this country. That Board will reach out to a range of security agencies like my own, as well as many other stakeholders. Their job is to weigh up advice for the Treasurer about a proposed foreign investment, where they’ll look at the security risks in considering that investment and try to weigh them against economic interest for Australia.
So, it’s an incredibly imperfect science, and it is carefully done on a case-by-case basis. My organisation will provide cybersecurity advice into that process, and we all look at the questions of the capability, intent and access, most likely of a foreign government, to disrupt or create a concern for us in respect of whatever’s being proposed. The Department of Home Affairs separately runs the Critical Infrastructure Centre, which operates under the Security of Critical Infrastructure Act. The Centre looks at both proposed investments and current critical infrastructure that is operating. Critical infrastructure is plainly defined as a list set out by the Department of Home Affairs. They are the two main parts of government that have a role here.
RW: Mike, on the topic of cybersecurity, how do you think government and industry can best collaborate to make everything work better?
MM: Well, the first thing is that government has to do exactly what Rachel and others are now doing, and what Mike Burgess has been doing for some time, which is talking about the risks openly. Government is certainly across the state actor risk, which has risen across the globe, but increasingly also the criminal risk. We’ve seen everyone – from the Federal Police Commissioner, right through to Burgess and others – talking openly about some of those risks. And that’s been important to both business and the community as they can understand why some of these measures are necessary.
Secondly, there is a role for mechanisms, like those provided by Rachel’s Cyber Security Centre, to offer the ability to report incidents and then get advice. And, increasingly, government is providing support services to businesses at various levels about what intrusions have been seen and the ability to do the analysis on what the intrusion pattern looks like. This is what the Cyber Security Centre is doing, so that information can be provided back to industry honestly. Then industry can start to plan and build cybersecurity into their system design. The third element that government is increasingly focused on is the safety of the overall system. If you look at some of our telecommunications legislation that telco companies are now subject to, you’ll notice that there are new provisions of what’s called the Telecommunications Sector Security Reforms (TSSR) Act, which came into effect last September. This legislation places an obligation on telecommunications companies to ensure that every investment they make into the system meets security requirements. So, that’s the reality of what we’re dealing with; the regulatory regimes are now requiring a greater degree of focus in these areas driven by what we’re now seeing as the threat assessments.
When considering open conversations about threats, some of those conversations have to take place with people who have security clearances because of the intelligence issues involved; however, having much more open conversations, understanding the risks involved to people, and then making it clear what the obligations are going to be on business to meet those is where government and industry are going to need to be working much more closely. The days when the chief information officer (CIO) or chief security officer (CSO) was buried in the organisation are gone. You can see now that most Boards are doing what Transurban is doing, in that reporting is in real time and it’s going straight to senior management, and then to the Boards, because cybersecurity is a core part of good governance. You wouldn’t have seen that even a few years ago in the way that the security function, or the CIO function, worked.
LT: Mike’s point goes to that idea of sharing across forums. So, within Rachel’s area, I know that we’re party to a number of the forums, the joint cybersecurity centres – certainly in Victoria and Queensland – but what’s really important to us are the
conversations that are going on about operational technology and the infrastructure threats, which I know Telstra is also involved in. There are some great examples of conversations we’re all having in that space, and for us it’s a very important partnership that helps to keep us safe, and helps to keep our customers safe.
BL: Those conversations also lead to one other thing that is becoming increasingly important: the realisation that we’re so interconnected across the various parts of industry that we need the government to bridge some of the gaps and make sure that those conversations are happening. For example, if something goes wrong in the core network of Telstra, there’s a flow-on impact into health and, well, actually, you name it! So, making sure that there’s that connection between the various parts of critical infrastructure is incredibly important. We need to make sure that there’s a shared dialogue, a shared conversation, so when something bad happens, we have an ability to coordinate across industry.
Berin Lautenbach – CISO Asia Pacific, Telstra
Berin Lautenbach is the Chief Information Security Officer Asia Pacific at Telstra, and has an extensive and diverse background in cybersecurity, spanning 25 years. Mr Lautenbach loves the big cybersecurity challenges and bringing together a team of great minds to protect customer and corporate data, and the Telstra network.
His more recent roles have included leading the Information Security team in GE Capital Australia, followed by setting up and leading the Security Architecture team for GE Capital globally. Mr Lautenbach has been involved in projects covering a wide range of security technologies, such as intrusion detection, application security and malware control, to name just a few. He has worked for a number of organisations, including the Department of Defence Australia, Dimension Data, National Australia Bank and GE, before joining Telstra in 2015.
Mike Mrdak AO – Secretary, Department of Communications and the Arts
Mike Mrdak is Secretary, Department of Communications and the Arts, a position he has held since 18 September 2017.
The portfolio has responsibility for broadband and the National Broadband Network (NBN); communications infrastructure; spectrum; communication, broadcasting and media regulation; and fostering Australian arts and culture.
Mr Mrdak began his Australian public service career in 1988 as a graduate with the then Department of Transport and Communications. Since then, he has held a number of senior positions across the Australian public service.
Between June 2009 and September 2017, Mr Mrdak was Secretary of the Department of Infrastructure and Regional Development. His work with the infrastructure and regional development portfolio includes management of infrastructure investment; policy initiatives to increase productivity; security, safety and regulation in road, rail, aviation and maritime transport; regional development; local government; and services to Australia’s territories.
Mr Mrdak was appointed an Officer of the Order of Australia (AO) in the Queen’s Birthday 2016 Honours List for his distinguished service to public administration through executive roles in the infrastructure, transport and logistics sector, and through the development of policy reform initiatives.
Rachel Noble PSM – Head, Australian Cyber Security Centre
Rachel Noble is the Head of the Australian Cyber Security Centre in the Australian Signals Directorate.
Prior to taking up this appointment, Ms Noble was the Deputy Secretary Executive Group in the Department of Home Affairs overseeing the delivery of the Department’s executive functions, including media, Ministerial and Parliamentary services, integrity, security, risk and assurance, as well as intelligence and countering violent extremism. She previously led the Home Affairs Implementation Team to stand up the Home Affairs Portfolio.
In 2014, Ms Noble was promoted to Deputy Secretary Policy Group in the Department of Immigration and Border Protection (DIBP), which included responsibility for trade, customs, immigration and international policy. This promotion followed the merger of DIBP with the Australian Customs and Border Protection Service (ACBPS), which Ms Noble joined in 2013 as the National Director of Intelligence and Chief Information Officer. Ms Noble has also held senior positions in the Department of Defence, including as Assistant Secretary Americas, North and South Asia, Europe in the International Policy Division, and as Deputy Chief of Facility at the Joint Defence Facility Pine Gap.
Ms Noble also held the position of National Security Chief Information Officer and Cyber Policy Coordinator in the Department of Prime Minister and Cabinet, and was responsible for improving information-sharing among the national security community, and coordinating whole-of-government policy on cyber issues. Ms Noble received a Public Service Medal for this work.
Ms Noble has a Master of Business Administration in Technology Management and a Bachelor of Science with Honours.
Lisa Tobin – Group Executive Technology, Transurban
Lisa Tobin joined Transurban in February 2013 as Group General Manager Technology, and has overall responsibility for the technology strategy, deployment and operation of all technology platforms. Transurban owns, develops and operates urban toll road networks in Australia and the United States. Technology plays a critical role, spanning all aspects of the business from back-office systems and customer services, to roadside and tunnel infrastructure. The team brings world-class solutions to ensure the long-term safe and efficient operations of the critical infrastructure that operates our roads and tunnels. Technology at Transurban has a unique agenda to bridge the specialised infrastructure world of operational technology with broader information technology trends, such as the rise of cloud-based platforms, Internet of Things, data analytics and machine learning. Previously, Ms Tobin held a number of senior technology roles across the financial services industry, focused on setting strategy and delivering technology capability to bring new business models to market.
Richard Watson – Lead Partner APAC Cybersecurity Risk Advisory, EY
Richard Watson is the lead Partner in EY’s APAC Cybersecurity Risk Advisory. He has spent the majority of his 25-year career in the professional services and IT sectors focused on cyber risk and cybersecurity.
Mr Watson specialises in helping clients understand and protect themselves from the risk of cyber incidents. His areas of expertise include cyber risk assessment, technologies for monitoring and protecting against cyber attack, privacy regulations and managing cyber incident response. Mr Watson has worked in a number of industries, focusing on those that have significant intellectual property to protect or a significant risk of brand damage from a cyber incident, or whose core operations see them dependent on the digital ecosystem.
Mr Watson is a recognised cybersecurity leader, advising senior executives and boards on cyber risk management, and is frequently cited in the media. He also has expertise in digital transformation, analytics, large-scale technology and program delivery.
Originally from the United Kingdom, Mr Watson is based in Sydney but operates throughout the Asia-Pacific region.
Our gender agenda
As we strive to achieve our mission to become the recognised leader for innovation and excellence in the construction industry, Laing O’Rourke is committed to developing and nurturing a more diverse workforce that reflects the society and communities it serves.
In August 2019, Laing O’Rourke Australia launched its Gender Diversity Action Plan, setting a number of deliberate and bold targets and initiatives that will help to attract more women into the business, and see more women be promoted into leadership positions.
Laing O’Rourke has a proud record of advancing gender equality across the organisation, and equipping all employees to reach their potential within the construction industry – but there is still a lot to be done.
The construction industry is best when there is diversity across all business and project roles, including having more women represented at senior levels. The industry must change the way it designs and delivers work to attract a broader demographic of people to the industry, and provide them with meaningful, long-term careers.
That’s why Laing O’Rourke is committing to its Action Plan that sets targets for increasing the number of women in leadership roles across the business, tripling its internal referral bonus scheme for female candidates, and delivering construction projects with flexible working as a requirement. The company must take tangible action and hold its leaders accountable for driving this change.
As a business that is engaged in some of Australia’s largest and most complex infrastructure projects, Laing O’Rourke has a responsibility to demonstrate that meaningful and rewarding career paths are available in this industry, regardless of a person’s gender.
Other initiatives introduced at Laing O’Rourke include: ► Inspiring STEM+ – a school engagement program designed to encourage more girls into science, technology, engineering and mathematics
(STEM) courses at university, and ultimately careers into construction and engineering ► Keep in Touch and Return to
Work – a coaching program for all staff on parental leave ► Connecting Women network –a program of events designed to build engagement and greater visibility of the company’s female leaders, and to provide a forum for connecting our women, role modelling careers, and building new networks for support and advice ► Flexible work programs. ♦
Laing O’Rourke Engineering the future
As we strive to achieve our mission to become the recognised leader for innovation and excellence in the construction industry, we are committed to developing and nurturing a more diverse workforce that reflects the society and communities we serve.
Managing a transport revolution – electric vehicles in the built environment
2019 has been a record year for electric vehicles globally, with these vehicles making up around three per cent of total new passenger car sales in the world.
Australia has been relatively slow in taking up electric vehicles to date, but this revolution is coming.
Forecasting from the Australian Energy Market Operator (AEMO) indicates that within 10 years, electric vehicles are likely to make up a substantial proportion of new vehicles supplied into the Australian market, and that within 20 years they will make up approximately half of all cars on the roads.
The key benefits of shifting to electric vehicles are clear: they are cheaper to run and maintain, they don’t contribute to air pollution, they help to reduce dependence on oil imports, and they provide a pathway to reduction in carbon emissions.
On the other hand, the existing electricity grid wasn’t built to support them, so we need to manage how, where and when they recharge in order to avoid costly electrical upgrades.
In residential complexes, workplaces and commercial buildings, what’s needed is some smart scheduling. Rather than letting everyone start charging at the same time – which would require a much bigger switchboard and network connection – a control system can manage the charging to ensure that everyone starts the next day with a full car battery, without putting any undue strain on the electrical supply.
NHP recently undertook development and demonstration of a solution for this at our Laverton National Manufacturing and Distribution Centre. This enables our customers in the electrical contracting community to easily roll out load managed electric vehicle charging solutions to apartment complexes, workplaces and commercial buildings. This development was done in conjunction with car makers, vehicle owners associations and electricity networks.
Securing good outcomes at scale as electric vehicles roll out will be a big challenge and will require lots of collaboration. Leveraging a 50year history and expertise in power distribution and industrial automation, NHP is proud to support the multidecade transition to electric vehicles that’s coming our way, and welcomes enquiries as to how it can support electric vehicle charging applications in the built environment.
NHP offers a complete range of electric vehicle chargers to suit every need, from low-cost home solutions to large direct current (DC) fast charging. NHP also makes installation easy by offering everything you will need upstream, enabling quick and simple implementation of the chargers. ♦
