When the head of ASIO issues an unprecedented public warning about rising threats of espionage, sabotage, and terrorism, it is certainly time for the owners and operators of our critical infrastructure to sit up and take notice.
We in the design and building industry—architects, constructors, engineers, facility managers, fitout specialists and suppliers—must also pay heed when Mike Burgess, director-general of security, says the 2025 national terrorism threat level is “probable”.
This means there’s a greater than 50 per cent chance of an attack or planning within the next year. “Australia is facing multifaceted, merging, intersecting, concurrent, and cascading threats,” he said in his annual threat assessment presented to parliamentarians and community leaders this year.
The ASIO chief says his outlook to 2030 is a frank, uncomfortable assessment, “But it is profoundly important, which is why I am declassifying parts of it,” said Burgess, who added that Australia has never faced so many different threats at once.
The reasoning behind the decision by the head of ASIO to explain publicly the rising national security threat level makes compelling reading for those of us involved in reinforcing the physical safety of organisations, utilities, buildings, and critical infrastructure sites for owners and operators, employees, visitors, and all of the millions of us of us who depend on the services provided by critical infrastructure, which typically includes facilities and services from the following sectors:
Energy (electricity, gas, mineral oil)
Transport and traffic
Water
Nutrition
Information technology and telecommunications
Finance and insurance
Health
Media and culture
State and administration
Critical infrastructures are essential for daily life in our society. Their importance often only becomes apparent when there are disruptions. Therefore, a comprehensive approach to protecting these organisations and facilities is crucial to preventing interruptions in supply and significant disruptions to public safety.
The 2023 Critical Infrastructure Resilience Strategy, according to the Federal Home affairs Department, defines critical infrastructure as: Those physical facilities, supply chains, information technologies, and communication networks, which if destroyed, degraded, or rendered unavailable for an extended period, would significantly impact the social or economic wellbeing of the nation, or affect Australia’s ability to conduct national defence and ensure national security.
The Security of Critical Infrastructure Act 2018 defines each class of critical infrastructure asset. A single critical infrastructure asset includes multiple parts which function together as a system or network. This includes premises, computers, and data.
If multiple components operate as a single system or network that meets the definition of a critical infrastructure asset, they are considered a single asset.
Critical infrastructures must be protected against both everyday disruptions and extreme events. Examples of everyday security risks include technical failures or human error.
In addition, the threat of terrorist attacks is growing, particularly on public systems and supply infrastructures.
Cyberspace also represents a growing danger, where organisations are at risk from targeted attacks such as cyber sabotage or the introduction of malware.
Physical security is the other side of the same coin: physical access to facilities, and to operations-critical areas within them, must be restricted to authorised people.
Intruders must be detected and deterred.
Since critical infrastructures are often interdependent, the failure of one system can have far-reaching consequences in other areas. For example, a large-scale power outage could impact almost all other sectors.
Case in point: a hospital relies on an uninterrupted energy supply because it cannot provide adequate medical care without electricity.
The same applies to water, nutrition, IT services, and other infrastructure large sectors of the population draw upon every day.
Disruptions in one sector can lead to further disruptions or failures in other critical infrastructures.
Many countries worldwide regulate the physical protection of critical facilities according to applicable laws. These laws set the minimum standards for these sectors of our economy to ensure a high standard of protection across the board.
The Australian Security of Critical Infrastructure Act 2018 (the SOCI Act). outlines the legal obligations you have if you own, operate, or have direct interests in critical infrastructure assets.
The SOCI Act also outlines how the government can support you if an incident occurs that impacts your critical infrastructure asset.
The SOCI Act applies to the following 11 sectors:
Energy
Food and grocery
Healthcare and medical
Transport
Water and sewerage
Communications
Financial services and markets
Data storage or processing
Defence industry
Space technology
Higher education and research
Organisations classified as critical infrastructure can improve their security measures, report incidents to higher levels, or demonstrate security standards.
Physical security entrance solutions are a reliable measure to prevent unauthorised access to buildings and key areas within them, such as those housing digital data and control functions.
Drawing on the Boon Edam Group’s global experience in security entrance and layered security solutions, including with energy providers in Australia, the following steps are presented for consideration of energy organisations.
These are particularly relevant to energy providers seeking to achieve the highest security levels to meet current and ongoing legal requirements to prepare for issues such as those outlined by Mike Burgess.
Many also apply to the other critical infrastructures outlined, all of which share an overarching legal duty of care to provide protection against potential issues of which they know or should know.
And, given the stark warnings from the director-general of ASIO, the issues are, or should be, clearly understood.
The energy sector, which provides electricity, gas, fuel, heating oil, and district heating, is crucial to the functioning of society. Ensuring a continuous energy supply involves prioritising safety, efficiency, and sustainability, while implementing protective measures to secure critical infrastructure against potential threats.
A key aspect of security management is preventing unauthorised access to vital areas, both cyber access and physical access to premises, plants and key areas within them.
Successfully establishing physical security zones requires a multi-layered approach, because not all areas of a building have the same security needs as others, both in type of deterrence and intensity of detection and prevention.
High security standards must typically be implemented from the outside inwards to effectively protect critical areas, facilities, systems and data. This layered approach includes:
Layer 1: Main Entrance Building: Many properties, such as power stations, substations, or control centres, are located within building complexes. Revolving doors, or security revolving doors, such as the Tourlock 180, are ideal for the main entrance and can be customised to the number of users. Options include revolving doors with additional security features or reinforced glass. This serves as the first line of defence in security.
The Tourlock 180 revolving door offers the highest level of reliability and security, accommodating large numbers of people with ease. This versatile entrance solution can be adapted to the changing demands within a 24-hour operation cycle. Its four-wing design and intelligent functionality prevents unauthorised entry, protecting both people and equipment.
Seamlessly integrating with access control systems, the Tourlock 180 provides robust security. It allows simultaneous passage in both directions, enabling authorised users to enter and leave the building at the same time.
Authorisation is managed through signals from an access control system, such as a card reader or biometric device.
Only once this is confirmed will the door begin to rotate. Its advanced separation system effectively prevents tailgating and piggybacking attempts, eliminating the need for additional security personnel and reducing costs, making it a cost-effective solution.
When equipped with the modern integrated overhead sensor system, StereoVision, the Tourlock 180 offers unparalleled security. This cutting-edge technology detects whether one or more individuals are attempting to enter the secure area, ensuring maximum protection at all times.
Layer 2: Entrance to More Restricted and Secured Areas: After passing through the main entrance, security sensor gates can be used in the building's lobby. These systems use sensor technology to monitor individuals moving through the gate to areas they are authorised to access. They detect tailgating and attempts to climb over or crawl under barriers, automatically alerting security personnel to potential breaches.
Sensor gates such as the Lifeline Speedlane Swing are engineered to be the slimmest, most intuitive speed gate on the market today.
Combining an attractive design with the latest technology, this medium-security sensor gate features an ergonomic profile that allows installation in areas with limited space.
Speedlane Swing is engineered to present a user-friendly and aesthetically attractive face to advanced security, avoiding an institutional ambience for workers and visitors.
The smooth, premium glass housing of the sensor gates is further enhanced by intuitive, coloured LED lights that glide across the surface.
These gates are highly customisable, offering a range of surface designs and functional options to suit different environments. They guide visitors seamlessly from the entrance through the authorisation process to the secure areas of the building.
Secure access solutions like the Lifeline Speedlane Swing provide numerous benefits, including loss prevention, reducing workplace violence, and designating work areas.
By automating many of the manual processes associated with security, these entrances enhance safety, streamline operations and enable expensive manned security resources to be reallocated to areas of greatest need.
Layer 3: High-Security Area: If an intruder manages to bypass the first two levels of security, it is critical to implement the highest level of protection for the systems and equipment inside.
High-security portals employing biometric scans and overhead sensors can ensure that only authorised individuals gain access, as with the Circlelock technology types in use in Australia and worldwide.
The Circlelock Solo security portal offers the highest level of physical protection, serving as the ultimate defence against intrusion into sensitive areas.
This Circlelock, which is part of a family of portals for different needs, ensures that only one authorised person can access the portal at a time, eliminating the need for manned supervision or guards.
The cylindrical compartment features two interlocking automatic sliding doors. Upon authorisation, the first door opens, allowing the user to enter the portal. Integrated sensors confirm that the user is alone. If confirmed, a signal is given to open the second sliding door, permitting passage into the secure area.
Additionally, a secondary biometric system can confirm identity within the chamber, enhancing security.
Given the rising awareness of threats of terrorism and sabotage, including most recently the public announcements from ASIO, the question is not “Should we do something?” but rather “What should we do that will be most effective?”.
By utilising layered security measures, as I have outlined, the energy sector, and other infrastructure sectors, can effectively defend its critical infrastructure to ensure the continuous, safe supply of energy to society.
The last word should go to Mike Burgess, whose public pronouncements have lifted security from a contingency, to become a clearly defined issue requiring present-day action.
Mike Burgess says ASIO’s remit empowers it to investigate seven heads of security – areas of responsibility – including: Espionage; Foreign interference; Politically motivated violence (which includes terrorism); Promotion of communal violence; Sabotage; Attacks on Australia’s defence system, and serious threats to border security.
“Three of our heads of security are already flashing red: espionage, foreign interference, and politically motivated violence. In the next five years, we expect three more to join them,” said Burgess, noting that espionage and foreign interference will be enabled by advances in technology, particularly artificial intelligence and deeper online pools of personal data vulnerable to collection, exploitation, and analysis by foreign intelligence services.
So we are not talking theoretical threats here. We are discussing how to prepare for, and defend against, multiple clearly identified and currently present risks that we must manage to fulfil our legal Duty of Care.
Michael Fisher is managing director of Boon Edam Australia, which provides a full suite of entrance security solutions in Australia, New Zealand, and Papua New Guinea. Royal Boon Edam is a market leader in 27 countries, providing, under the one roof, revolving doors, security doors & portals, speed gates, access gates and full height turnstiles to ensure the security of your entry and perimeter. Boon Edam Australia operates under Master security licence number: 000104487.
The Urban Developer is proud to partner with Boon Edam to deliver this article to you. In doing so, we can continue to publish our daily news, information, insights and opinion to you, our valued readers.
