On 7 May 2026, the Australian Energy Market Commission (AEMC) published a draft determination and draft rule to embed and formalise the Australian Energy Market Operator’s (AEMO) gas sector cyber security roles and responsibilities under the National Gas Rules (NGR).  

The draft rule would:

1. establish cyber security as a function for AEMO in the NGR
2. harmonise AEMO’s cyber security roles and responsibilities with its electricity sector role to support a strategic and coordinated approach to cyber security in the energy system
3. enable AEMO to recover costs and have liability protection for cyber security activities.  

The draft rule would do this by adding four new functions in the NGR.  

These four functions would include:

• function 1 – cyber security incidents coordinator  
• function 2 – supporting cyber preparedness and uplift  
• function 3 – examining risks and providing advice to government and industry  
• function 4 – facilitating the distribution of critical cyber security information.

We are seeking stakeholders’ feedback on the draft rule.  

Next steps

The AEMC requests submissions to the draft determination by 18 June 2026. We expect to publish a final determination for the rule change on 30 July 2026.  

Rule change request  

On 28 October 2025, the AEMC received a rule change request from the Honourable Chris Bowen MP, Minister for Climate Change and Energy.

We published a consultation paper on 29 January 2026.