Australia's critical infrastructure operators are now working within an evolving legislative environment shaped by the SOCI Act and the newer Cyber Security Act - but translating legal obligations into operational reality remains a complex challenge. From risk management frameworks and incident reporting to IT/OT integration and supply chain security, organizations across energy, water, health and government sectors are at very different points on the compliance journey.

In this panel discussion, industry leaders share candid experiences of what compliance has looked like in practice - including the governance battles, legacy system constraints and workforce gaps that don't appear in the legislation itself.

The panel will address:

• How the SOCI Act and Cyber Security Act translate into obligations for different entity types and sectors;
• Why supply chain risk is rapidly becoming one of the hardest compliance challenges to resolve;
• How emerging threats, from AI adoption to identity-based attacks and foreign interference, are reshaping the compliance conversation beyond technical controls.