About The SOCI Brief

The problem

Every week, hundreds of advisories, breach disclosures, vendor bulletins and policy updates land across dozens of different sources, written for dozens of different audiences. Almost none of it is filtered for what actually matters if you're running IT and OT for an Australian mine, an energy network, or a water utility under the SOCI Act.

Why I built it

I built The SOCI Brief to solve that problem for myself first. After 20 years working in IT/OT environments across mining and critical infrastructure, I got tired of bouncing between ASD/ACSC advisories, vendor PSIRTs, OT-specific threat intel and global trade press just to find the handful of stories genuinely relevant to my own sector and regulatory obligations.

How it works

I built an automated system that does the heavy lifting — pulling from dozens of sources every week, filtering for relevance to Australian critical infrastructure, and using AI to draft a first-pass summary of each item. But nothing reaches your inbox without me personally reading, checking and editing it first.

The judgement is still human. The AI just clears the noise so I can spend my time on the part that actually matters — deciding what's worth your attention, and adding the perspective you won't get from a press release.

Why I'm sharing it

Once it was working for me, the obvious next step was sharing it with the people who have exactly the same problem — which turned out to be most of the IT/OT leaders I already know.

Sources

The pipeline monitors 29 sources continuously, grouped by type:

Editorial standards

• All sources are publicly available and reputable — government advisories, established security press, and recognised OT/ICS vendors.
• No original articles. Every item is summarised and linked — never republished or reproduced.
• Every edition is personally reviewed and approved before it sends. Nothing is published without that review.
• Any paid content (vendor spotlights) is always clearly labelled.