This morning, our Director Jason King from Regional Queensland Investigations spoke with ABC North Queensland in an in-studio radio interview about the recent cyber security incident affecting Mackay Sugar. Jason also spoke with Channel 7 News Mackay about the broader implications for regional businesses, critical industries and local supply chains.
Mackay Sugar has publicly confirmed that it is responding to a cyber security incident affecting some of its operations. The company has stated that its immediate focus is the safety of its people, protecting operational systems, maintaining business continuity, and restoring systems safely with the support of specialist cyber security experts and relevant authorities.
While the technical details of the incident have not been publicly confirmed, the situation is a timely reminder that cyber security is no longer just an IT issue. For regional industries, a cyber incident can quickly become an operational issue, a safety issue, a supply chain issue and a business continuity issue.
Mackay Sugar is a major part of the Mackay region. It is one of Australia’s largest sugar producers, a significant local employer, and is connected to growers, contractors, transport operations, milling infrastructure and energy generation. When an incident affects operations of that scale, the consequences can extend well beyond a computer network.
Cyber Security Is Now and always has been a Regional Business Issue
The key lesson for regional businesses is simple: cyber risk is business risk.
Every organisation should be asking:
- What happens if our systems go down tomorrow morning?
- Can we continue critical operations manually?
- Are our backups tested and recoverable?
- Who makes decisions during a cyber incident?
- Do staff know what to do if email, phones, payroll, bookings or operational systems become unavailable?
- Have we planned for communication with staff, clients, suppliers and stakeholders?
- Do we know what evidence needs to be preserved if there is unauthorised access, data loss or internal misuse?
The businesses that recover best from cyber incidents are not necessarily the ones that assume they will never be affected. They are the ones that have planned, tested, rehearsed and know how to respond when something goes wrong.
For regional Queensland, this incident should be viewed as a practical reminder that cyber resilience is now part of operational resilience. Whether you are in agriculture, mining services, local government, health, education, logistics, manufacturing or professional services, the ability to keep operating during disruption is critical.
How Regional Queensland Investigations Can Assist
At Regional Queensland Investigations, we assist businesses, organisations and legal representatives with matters where cyber incidents, digital evidence, internal misconduct, unauthorised access, employee behaviour, data misuse or operational disruption require a careful and independent response.
A cyber incident often raises questions that go beyond the technical recovery process. Businesses may need to understand what happened, who had access, whether internal policies were breached, whether confidential information was exposed, whether staff or contractors were involved, and what evidence needs to be preserved for future legal, disciplinary or insurance purposes.
RQI can assist businesses by providing:
- Independent workplace and corporate investigations
- Cyber incident support from an investigative and evidence perspective
- Internal misconduct and unauthorised access inquiries
- Digital evidence preservation and review
- Employee, contractor and stakeholder interviews
- Chronologies, evidence summaries and investigation reports
- Policy, procedure and business continuity review
- Support for legal, insurance, HR and governance processes
Our role is not to replace specialist cyber security technicians. Their work is critical in containing the incident, securing systems and restoring operations. Our role is to assist with the investigative, evidentiary and organisational response that often follows.
This can include helping businesses understand what occurred, documenting key decisions, identifying relevant witnesses, preserving evidence, reviewing internal conduct issues, and preparing clear reports that can be used by management, boards, lawyers, insurers or external advisers.
Preparation Matters
The message for local businesses is not to panic. The message is to prepare.
Cyber security is no longer just about protecting data on a screen. It is about protecting people, operations, supply chains, reputations and regional communities.
If your business relies on digital systems, cloud platforms, email, payroll, booking software, operational equipment, contractors or suppliers, then cyber resilience should form part of your broader risk management and business continuity planning.
Regional Queensland businesses should treat this incident as a timely opportunity to review their own preparedness, including response plans, communication processes, backup arrangements, staff training, access controls and evidence preservation procedures.
When something goes wrong, calm decision-making matters. So does knowing who to call, what to preserve, what to document, and how to respond without making the situation worse.
Regional Queensland Investigations supports businesses across regional Queensland and the Northern Territory with independent, practical and evidence-based investigation services.
For assistance with workplace investigations, corporate investigations, internal misconduct, digital evidence issues or cyber-related business disruption, contact Regional Queensland Investigations.
Phone: 1300 870 923
Email: admin@rqinv.com.au
Website: www.rqinv.com.au
Jason King is the Director of Regional Queensland Investigations Pty Ltd. He has a background in law enforcement, compliance, workplace investigations and corporate investigations, assisting businesses and organisations across regional Queensland and the Northern Territory.