Smart electricity grids supporting vital AI, data centres and national infrastructure require new physical and cyber security standards to address increasingly distributed threats as Australia enters a new electrical revolution
By Mike Fisher, Managing Director, Boon Edam Australia
Global and Australian demand for greater on-site protection of electricity generation infrastructure and key users dependent upon it is intensifying, as advanced economies’ electricity needs grow at a rate never seen before.
Truly remarkable progress – a 21st century electrical revolution – is following on from Australia’s first electrical revolution that began in the late 19th century, starting in the 1880s with the introduction of localised power stations based near their point of use.
This early period marked the transition from gas lighting to electric lighting and the start of industrial electrification, complementing rapidly changing urban life, expanded manufacturing and the first electric tram networks in Hobart, Brisbane, Melbourne and Sydney (with Perth following in 1889 and Adelaide with its own electric tramway 20 years later).
The next major leaps forward by an increasingly electrified society were taken with the emergence of Statewide grids, with advances including the State Electricity Commission of Victoria (SECV) building the 50MW Yallourn Power Station in 1924, allowing power to be transmitted about 140 km to Melbourne.
This shift towards centralised, larger-scale generation surged in the 20th century to reach a peak of more than 100 operating utility-scale, coal-fired power stations as we approached the new Millennium. Coal was until quite recently the hugely dominant source for electricity in Australia, providing over 80% of the total, with fossil fuels (coal, oil and gas) in a huge ascendancy.
“King Coal” ruled as the dominant global energy source from the Industrial Revolution through the 20th century, but its reign is now ending due to the combined pressures of climate change, economic competition, and environmental regulation focused on it as the largest source of CO2 emissions. In the year to June 2025, Australia’s greenhouse gas emissions fell by 2.2% to 437.5 million tonnes of CO2-e, driven partly by a 3.3% decrease in electricity sector emissions due to record renewable generation displacing coal.
Since its peak, coal’s share has been on a long-term decline, due to the ageing of coal power infrastructure, the rise of climate change imperatives and the dramatic impact of renewables, including solar, wind and other cleaner alternatives (including hydro, with its 5–7 per cent contribution to total usage).
The decarbonisation shift
Under the impact of such dramatic changes, coal-fired generation fell below 50% for the first time by the mid-2020s, with renewables rising rapidly towards a goal of 82% by 2030.
What is doubly remarkable is that this shift is occurring as electricity demand reaches all-time highs of about 284 terawatt hours (TWh) in the National Electricity Market (NEM). Total Australian electricity production has risen more than 300% from 65-70 TWh in the mid-1970s.
Global electricity production, meanwhile, also experienced breathtaking expansion over the same period, while transitioning from a largely fossil-fuel-driven system to one increasingly dominated by renewables, with total generation rising from roughly 6,000 TWh in the mid-1970s to over 30,000 TWh recently.
Data centres and AI facilities create massive rising demand for energy even as coal-fired electrical generation declines. According to the Australian Infrastructure Monitor, data centres have now entered the country’s most preferred infrastructure investment category, ranking third alongside renewable energy. With more than 300 data centres now operating across Australia, and new hyperscale facilities up to 20 times larger than previous generations, operators are reassessing how they control physical access and maintain operational continuity.
Major drivers of demand in Australia and elsewhere include heating, cooling, population growth, and AI and data centres associated with critical infrastructure and social and economic choke points, including financial, ecommerce, telecommunication, government records and services, defence, industrial, transport, and social infrastructure.
Governments and regulators locally and worldwide have been quick to recognise the importance of protecting supplies of electricity to installations deemed too important to fail, including also health services and food and beverage production and distribution.
So it is little wonder in Australia and globally that as this change sweeps through every major element of our national fabric, there are significant changes arising in compliance for physical and cyber protection of the infrastructure on which we will depend.
These are the changes that are of crucial importance to the people who will plan, design, build and maintain our infrastructure, including the cross-discipline teams emerging among architects, engineers, construction and infrastructure companies and managers.
The electrification of heavy transport will by itself add 40 per cent to demand upon Australia’s electrical grid, according to advocacy group the Electric Vehicle Council. Rio Tinto and BHP have initiated trials of new Caterpillar (Cat® 793 XE) battery-electric haul trucks at the Jimblebar iron ore site in Western Australia, marking a major step towards decarbonising mining operations. These 250-tonne payload “Early Learner” trucks are testing the viability of replacing diesel in harsh, 24/7, high-temperature conditions to achieve net-zero goals.
Because it is critical, the infrastructure required to generate and distribute renewable energy – and the widely dispersed assets connected to it – will require new levels of protection and compliance to ensure this occurs.
Significant changes to the physical and cyber security of infrastructure projects in Australia are being driven by the Security of Critical Infrastructure Act 2018 (SOCI Act), particularly following the passage of the Security Legislation Amendment (Critical Infrastructure Protection) Act 2022 (SLACIP Act) and the 2024 Enhancements.
Their focus, according to the Department of Home Affairs, has shifted toward an “all-hazards” approach, integrating physical security with cybersecurity to protect 11 key sectors, including energy production and AI facilities. As power generation and AI infrastructure evolve – concentrating in some areas while dispersing in others – new choke points are emerging that require protection against increasingly diverse and geographically distributed threats.
Boon Edam Circlelock high security portal (left) and Tourlock high security revolving door (right) preventing unauthorised access into secure areas of infrastructure projects
Key changes and evolving requirements with which Boon Edam is involved as a global supplier of layered entrance and security networks include:
- Mandatory Critical Infrastructure Risk Management Programs (CIRMP) which require specified Australian entities to identify, manage, and mitigate material risks to critical assets under the Security of Critical Infrastructure Act 2018(SOCI Act). Rules established in 2023 require, by law, a written program covering cyber, physical, personnel, and supply chain hazards, with annual reporting mandatory to the Cyber and Infrastructure Security Centre. Boon Edam’s focus – which extends from Australian power generators to some of the world’s major AI and data centre operators – centres on physical protection of facilities that are often geographically and technically diverse.
- Active Obligation:Responsible entities for critical infrastructure assets must now have a compliant Risk Management Program in place to address hazards, including physical, cyber, personnel, and supply chain risks. Programs must identify material risks to assets and detail measures to minimise or eliminate them. The Cyber and Infrastructure Security Centre (CISC) has the power to compel entities to vary their risk management program if it is deemed to have “serious deficiencies”. The government has broader “last resort” powers to intervene and provide assistance if a serious, non-cyber incident (such as a physical attack) impacts a critical infrastructure asset.
Boon Edam Speed gates are part of layered physical security solutions in Australia and dozens of countries worldwide.
- Data Storage Systems:Changes to the Act clarify that data storage systems that hold “business critical data” are now covered by the same obligations as the primary critical infrastructure asset. As of this year, telecommunications security obligations also are consolidated directly under the SOCI Act, moving away from the previous Telecommunications Act 1997 (Cth) regime.
- Systems of National Significance (SoNS): SoNS are a small, specially designated subset of critical infrastructure assets under the Security of Critical Infrastructure Act 2018(SOCI Act) considered most crucial to Australia.
Declared by the Minister for Home Affairs, these assets possess high interdependencies and, if disrupted, could cause cascading failures across critical sectors, impacting national stability.
The number of assets deemed to be SoNS has increased, with the government aiming for near real-time threat detection. Critical infrastructure sectors (including energy, water, transport, and health) face higher security standards, including mandatory, regular cyber/physical exercises and vulnerability assessments.
The stark reality for the design and construction community
Australia’s increasing focus on safeguards and compliance is part of a global trend recognising both internal and external threats to infrastructure. These range from unauthorised access to facilities and potential damage arising, right through to deliberate sabotage, theft, and the compromising of national security through both physical and cyber security attacks.
The reality of such threats is starkly underlined not only by our Head of ASIO, Mike Burgess, but also by multiple major agencies globally, including the US Department of Homeland Security, EU-wide directives and guidance from the UN Office of Counter-Terrorism.
As recently as the 2025 Lowy lecture, Mike Burgess issued a clear warning about how hostile foreign governments were targeting Australia’s social cohesion, critical infrastructure and defence secrets. He revealed that at least three nations are currently “willing and capable” of conducting lethal targeting in Australia, including the assassination of dissidents on Australian soil. Burgess noted that Australia has never faced “so many different threats” simultaneously, with social cohesion, critical infrastructure, and defence secrets all being targeted at scale.
The fact that our own Head of ASIO is prepared to turn the public spotlight onto the escalating threat to our national interest and infrastructure delivers a clear message to all of us involved in infrastructure planning, design, construction and management.
These issues are not future threats for which we must eventually prepare. They are clear present issues for which we must all be working and implementing now – and show throughout compliance that we have done so.
About the Author
Mike Fisher is the Managing Director of Boon Edam Australia, part of the global Royal Boon Edam group, which specialises in layered security entrance solutions including architectural revolving doors and. Speed gates designed to control access to restricted areas. He leads the company’s operations in Australia, New Zealand, and Papua New Guinea. Boon Edam Australia focuses on providing integrated, high-security entrances for industries such as data centres, AI facilities, financial and telecommunications institutions, government records and services, defence, industrial, transport and social infrastructure and government infrastructure including energy. and vital community services.
Fisher highlights the importance of “layered physical security” to combat threats like tailgating and unauthorised access, particularly with the use of security portals and speed gates. Under his guidance, Boon Edam Australia provides OEM services, maintenance, and expert advice on security compliance and safety standards for workers and visitors.
About Royal Boon Edam
With work environments becoming increasingly global and dynamic, smart, safe entry has become the centre of activity in and around many buildings. Royal Boon Edam is a global market leader in reliable entry solutions. Headquartered in the Netherlands, with 150 years of experience in engineering quality, we have gained extensive expertise in managing the transit of people through office buildings, airports, healthcare facilities, hotels, and many other types of buildings. We are focussed on providing an optimal, sustainable experience for our clients and their clients. By working together with you, our client, we help determine the exact requirements for the entry point in and around your building.
