The transport and logistics sector is critical to Australia’s economic prosperity and security, with many other infrastructure sectors reliant on the services it delivers.

The Australian Cyber Security Centre (ACSC) advises that it is actively working in partnership with this sector to uplift its cyber defence capability and resilience, in particular by testing and strengthening arrangements for responding to cyber incidents.

The ACSC invites transport and logistics sector organisations to participate in a voluntary, national cyber security exercise series that is expected to take place from May to August 2023. Commonwealth, state and territory agencies with responsibilities for transport and logistics, and those responsible for the cyber security of this sector, are also encouraged to participate.

This purpose-designed exercise series will focus on the movement of freight via road, rail, aviation and ports, highlighting the importance of building resilience in the sector against malicious cyber activity. Its design has been informed by the successful completion of similar national cyber security exercises led by the ACSC, which focussed on Australia’s electricity sector and water and wastewater sector, in 2019 and 2021 respectively.

This 2023 exercise will provide a unique opportunity for organisations to:

 Be part of a national effort that strengthens cyber incident response arrangements and preparedness at the organisation, sector, jurisdictional and national levels.
 Practise and assess plans, protocols, and standard operating procedures.
 Examine interoperability of processes within and across organisations and government agencies.
 Increase awareness and understanding of potential risks and consequences.
 Participate in training and uplift activities.
 Share observations and insights gained from multiple organisations through the national exercise report.

Registration to participate in the national cyber security exercise series for the transport and logistics sector closes on 16 December 2022.

More information from the Australian Cyber Security Centre.

Parting Comments

1. Cyber security is rightfully in the forefront of vulnerability and resilience thinking. However, our evidence shows supply chain partners still exhibit physical security vulnerabilities.
2. Harris Security Management has 40 years of experience in identifying physical security risks for the transport and logistics sector. In fact, our practice was born out of the transport and logistics sector.
3. Our expert, trusted and independent services include:

 security risk assessments
 master security plans for development sites
 physical security vulnerability assessments
 security compliance audits
 security systems integrity and cyber vulnerability evaluation
 design of physical security and video surveillance systems
 development of specifications for security (personnel) services and systems
 security incident reports,
 serious security incident training
 expert witness reports for insurance claim assessment and claims
before the courts.


Geoff Harris, Principal Consultant – or Phone +61 2 9560 9933

Licensed security consultant – licence number 407641686


Integrated Security and Emergency Risk Management for Facilities, Crowded Places and Supply Networks.

Trusted independent security consultants since 1983

Master security licence 407642890



  1. The above article is of a general nature only, it is not a comprehensive analysis and not contextualised.  The article is intended to stimulate and focus conversation on security and related risk management and in particular full reading of this Inquiry Report and other reports related to this attack.
  2. The discussion does not provide professional advice from us.  Seek expert analysis and advice relevant to your specific context from trusted advisers.  You are welcome to contact us.
  3. This article includes selected extracts of the Report, with some editing and commentary for blog and post purposes.
  4. The article may raise legal issues to contribute to relevance, but in no way provides expert legal opinion or professional legal advice.
  5. We do not provide endorsement or assessment on information or research provided by others that may be referenced in this blog or post.
  6. We do not claim intellectual property rights to reports, information or research sourced externally for this blog or post.
  7. We take no responsibility for privacy protection, cyber risks or associated legal obligations of websites linked in this blog or post.


Please Follow Us

Should you have a strategic, operational or compliance interest in the physical protection of people, infrastructure, property or supply chain, please ‘Follow us’ on LinkedIn.

By following us, you will receive important information pertaining to security and related emergency risk management.

Harris Security Management

 © Copyright. All rights reserved. Sydney, Australia 2022.