SA Power Networks' Head of Cyber Security and IT Resilience Nathan Morelli has been appointed to a new national board tasked with helping Australian organisations better prepare for and respond to cyber attacks.

The newly formed Cyber Incident Review Board has been set up by the Minister for Home Affairs Tony Burke.

Nathan, who was appointed on Monday 4 May, said it’s a privilege to be the only energy sector member on this newly formed board.

“The appointment followed a formal application and assessment process led by the Minister, with criteria focused on cyber security experience, incident response, and critical infrastructure expertise,” he said.

“As a monopoly energy provider, our focus is on maintaining safe and reliable services for the community while managing increasingly complex cyber threats. I’m looking forward to contributing to a process that helps capture lessons from major cyber events and share those insights in a way that supports both government and industry.”

Minister Burke said the Cyber Incident Review Board will examine major cyber security events, develop findings, and provide recommendations to improve national cyber resilience.

The seven-member board will be supported by an expert panel of private and public sector industry professionals. SA Power Networks' Nathan Morelli is one of five members from industry.

Other members of the board, chaired by Telstra’s Global Chief Information Security Officer Narelle Devine, are:

• Professor Debi Ashenden, Director Institute for Cyber Security, University of NSW
• Valeska Bloch, Partner and Head Of Cyber, Allens
• Jessica Burleigh, Chief Information Security Officer, Boeing Australia
• Darren Kane, Chief Security Officer, NBN Co
• Berin Lautenbach, Global Head of Information Security, Toll Group.

SA Power Networks invests heavily in securing South Australia’s power and associated infrastructure. Its Group Sustainability Report 2025 showed that, since the beginning of 2025, the organisation has observed a significant increase in sophisticated attacks.

“While total incidents have only increased by 4% compared with 2024, non-reportable high severity incidents increased by 200%,” Morelli said.

“Attack attempts on our internet-connected devices and systems have increased by more than 500%. Fortunately, one-fifth of these attacks can be attributed to our increased external testing.

“SA Power Networks’ operational infrastructure affects all of our state’s electricity customers. Compliance obligations demanded of us are rightfully stringent – we’re an essential service without which society stops functioning pretty quickly.

“There are many examples of essential services being disrupted by cyber attacks across the world. Just because we’re an island and physically remote doesn’t mean we’re any less threatened.”