Future-proofing our communities: embracing sustainability and resilience
It can often feel like there’s no good news when it comes to climate change; one positive however is the amplification of the urgency for action through major events such as COP26 – the 2021 United Nations Climate Change Conference. While the UN also warns that many impacts are unavoidable and will hit the world’s most vulnerable populations hardest, the UN’s Intergovernmental Panel on Climate Change also remains optimistic that collective action from governments and an enabling policy and finance environment for businesses to both curb greenhouse gas emissions and prepare communities to live with global warming could yet avert the worst of the projected outcomes.
Building resilience in the context of climate change
It’s time to understand the implications of targeted attacks against critical utilities and infrastructure and take action. Boards and senior leaders are responsible for protecting New Zealand communities and must act intentionally to safeguard our places, spaces and people. For leaders unsure of their cyber risks and vulnerabilities, now is the time to ask questions.
The next five years will see New Zealand’s water industry fundamentally change in the way it operates. The growing regulatory focus on large infrastructure is set to drive the next wave of cybersecurity changes. With Australia leading the way in operation technology cybersecurity, strengthened guidelines or legislation updates are likely on New Zealand’s periphery.
If we consider the Australian journey as an example, the four-year gap between the Security of Critical Infrastructure Act 2018 and the Security Legislation Amendment (Critical Infrastructure Protection) Act 2022 gave Australian organisations time to step-up. And today, the risk management practices of critical infrastructure providers in Australia have never been stricter. The time is now for New Zealand to prepare for the equivalent and review risks before it becomes a mandated requirement.
While this white paper takes a global lens, it remains relevant to New Zealand’s evolving cyber landscape. We anticipate radical shifts, including regulations and heightened public scrutiny, which demands new approaches and solutions. Among the myriad of risks is the shift of SCADA (supervisory control and data acquisition) systems to virtualised web-based platforms, introducing the inherent risk of technology change.
Although New Zealand has made progress in its cyber maturity, work remains and must happen soon. Leaders must put the risks and vulnerabilities under a microscope and cybersecurity must be holistically integrated into operation strategy and company ethos.
The need for an embedded, multi-disciplinary approach
With achieving the goal of net zero emissions now firmly on many board agendas, the greatest opportunity ahead is to aim for deep organisational change around climate priorities to genuinely embed that change in approach and mindset across all aspects of the business. No longer is it enough to pay lip service to climate change impacts with a tokenistic scheme developed by a standalone sustainability department; businesses need to demonstrate a genuine commitment and meaningful pathway for action. Before taking any action, however, it’s important to define an organisation’s role and sphere of influence. Is it this particular organisation’s responsibility to set the standard and lead the way? Does the organisation need a complete overhaul of its climate strategy? Where are the gaps?
Organisations should also seek to develop climate change plans for the short-, medium- and long-term. This is not a one-time process and should be part of the business planning cycle every three to five years. Risk registers should be discussed at quarterly board meetings, with a key focus on building resilience in the face of more frequent and severe weather events, among other threats. For example, how drought or increased flooding may affect infrastructure in the future, and whether changes can be made to mitigate or adapt to these impacts. Priority issues that affect a business and the environment it operates in and where pre-emptive action can be made, are other salient points of discussion.
Stepping up - how the private sector can lead the charge
Despite growing understanding and positive steps toward climate action, many challenges remain. One such obstacle is short-termism, especially on the public - sector side. From a political perspective, governments can be hesitant to enact too much change, too soon, risking backlash from constituents and industry and jeopardizing re-election for subsequent terms. On top of this, governments who do want to act can often have their hands tied due to political processes where policies cannot be made and laws cannot be enacted without a majority consensus. Companies are also increasingly responding to the responsibility to “do the right thing”.
For example, in 2018, brewing company Carlsberg ditched the plastic rings from their six-packs of beer, introducing new “Snap Pack” technology to dramatically reduce plastic waste and minimise their environmental impact. Another positive example is the British Retail Consortium, which through their “Better Retail Better World” initiative is encouraging the retail industry in Britain to meet some of the biggest global challenges of the coming decades highlighted by the UN, including modern slavery, climate change and responsible consumption and production, using the United Nations Sustainable Development Goals as a framework.