Best practice and risk management frameworks not enough, say Aussie SCADA security managers; a scathing 56-page report from the Victoria Auditor General stated that most critical infrastructure operators did not have fully compliant risk management frameworks; still, Australia’s Federal Attorney-General’s Department has ruled out regulation of security standards for supervisory control and data acquisition (SCADA) systems for critical infrastructure, despite a mounting threat landscape