Session

Securing the Grid: Modernizing E&U Security Operations with Lakewatch (AI-Native SIEM)

Overview

Experience: In Person
Track: Cybersecurity
Industry: Energy & Utilities
Technologies: Databricks SQL, Unity Catalog, Databricks Agents
Skill Level: Intermediate

Energy & Utilities (E&U) organizations face a perfect storm: surging OT/ICS ransomware, strict NERC CIP/TSA regulations, and an explosion of IT/OT telemetry. Traditional SIEMs, hampered by ingest-based pricing and data silos, can no longer keep pace. Enter Lakewatch: Databricks’ open, AI-native SIEM, built natively on the Lakehouse.

This session provides insights from Energy Queensland's journey of navigating the challenges of traditional SIEM and the impact a security lakehouse on Databricks can deliver. We'll discuss how Databricks Lakewatch, the lakehouse-native SIEM, eliminates "ingest taxes" and unifies IT, cloud, and OT logs through OCSF-aligned schemas; how SQL-based detection engineering and agentic threat hunting open up petabytes of historical data in seconds; and how an open, decoupled storage and compute architecture delivers the visibility, long-term retention, and AI-readiness critical infrastructure operators need to increase their situational awareness.

Session Speakers

Dylan Mills

Senior Security Engineer
Rearc

Rakesh Cherukuri

Solutions Architect
Databricks

Shane Atherton

Account Executive - Energy
Databricks