Security Context for Culturals: The 2026 Outlook
Planning considerations for Security Managers in Australian galleries, libraries, archives and museums
By Adam Samuelson
In the Australian GLAM sector, the security landscape has degraded and diversified. That’s consistent with ASIO’s assessment of the National security context.
In February 2025, ASIO Director-General Mike Burgess warned:
“Australia has entered a period of strategic surprise and security fragility. Over the next five years, a complex, challenging and changing security environment will become more dynamic, more diverse and more degraded.”
Burgess went on to advise that three specific heads of security are "flashing red" (indicating critical or extreme threat levels):
Espionage
Foreign Interference
Politically Motivated Violence
Our institutions are designed to be open, welcoming and public facing and these conditions can create vulnerabilities that require context-aware controls.
This article looks at recent incidents shaping current thinking, and then translates them into practical actions aligned to Australian frameworks, especially the Protective Security Policy Framework and Australia’s Strategy for Protecting Crowded Places from Terrorism.
The changing threat narrative: two incidents that will continue to resonate in 2026
1. Bondi Beach attack: crowded places violence on Australian soil
The Bondi Beach terrorist attack in December 2025 targeted a Jewish community Hanukkah celebration. The attack has reshaped the national security conversation and accelerated legal and policy responses. The message to all public venue operators including cultural institutions is that:
crowded places remain the most likely terrorism targets in Australia,
innocuous community events may be deliberately selected to maximise harm,
and response times are brutally short.
What this means for Australian GLAM security managers
Cultural venues are symbolic places, and that symbolism can increase their attractiveness as a target for those who would do harm.
Many institutions host:
cultural events and celebrations
diplomatic and diaspora engagement events
high-profile openings and festivals
school holiday programs and large public gatherings
These activities, under the crowded places lens, require planned protection. Not a fear-based fortress mode that is inconsistent with organisational objectives, but deliberate risk based, practical and context-aware controls.
Australia’s crowded places strategy is explicit: crowded places will continue to be attractive targets, and protective measures should be nationally consistent, proportionate, and preserve public use and enjoyment wherever possible.
Immediate GLAM actions for 2026:
Event security focus for high-density, high-visibility programs including crowded places assessments and consideration of screening, bag policies, access control, vehicle security and emergency procedures.
Protective intelligence and liaison: Coordination with local neighbours in your precinct and other institutions. Renewed police relationships and local area command briefings ahead of major events.
Response exercises: rapid lockdown and hostile intruder exercises, role clarity, effective radio comms and timely incident comms.
How Culture Collab can assist:
Hostile intruder risk assessments and crowded places assessments.
Context aware hostile intruder training and exercises.
PSPF compliant emergency and business continuity planning.
2. The Louvre jewel heist (October 2025): detection wasn’t the gap, response capability was
The October 2025 daylight heist at the Louvre remains one of the clearest recent case studies for cultural security leaders because it illustrates a hard truth: security technology mostly buys time and time is useless without a capable human response.
Public reporting describes attackers using:
Hi-Viz clothing to delay detection,
industrial access equipment (a stolen basket lift provided access to the upper floor, reducing the attack vector length and allowing unscreened entry),
forced entry (through a heritage balcony perimeter door),
powerful cutting tools to rapidly compromise the perimeter door and display cases,
and scooters for rapid escape,
with a reported operating window of around seven minutes.
The Louvre’s intrusion detection systems worked as they should, triggering alarms in the control room. However, public domain reporting indicates that the control room relayed unreliable location information to police that delayed the response. Guards that were in the area of the attack were unable to intervene.
The Louvre has moved to improve physical and electronic controls, including hardening balcony access points, plans for 100 additional external CCTV cameras and tighter integration with police.
The key point for Australian cultural institutions is that interruption of a theft relies on a capable human response. I discussed this further in my interview with The Australian shortly after the incident: Local Museums Vulnerable to Louvre-Style Attacks.
What to do in 2026
In addition to theft response, the first three actions below will contribute to improving hostile intruder response as well:
Is your response capability up to task? Consider whether your guards and control room are capable of providing an effective response.
7-minute exercise: consider running scenarios where the incident is over in seven minutes.
Translate control room language into plain English: responders need clear directions (e.g., “Level 2, northern balcony outside Apollo Gallery”). Internal codes or zone references are not useful for external parties, including police. With most institutions using encrypted radios, the need to obscure communications is eclipsed by the importance of clear emergency communication.
Changes in context require a risk assessment: The thieves used the cover of legitimate construction to delay their detection. With significant works occurring at many Australian cultural institutions, it is essential to assess and control the vulnerabilities introduced by construction.
How Culture Collab can assist:
Physical security risk assessments: Identify and control physical vulnerabilities to protect people and collections.
Red team exercises: Physical security penetration testing of your institution. Find and control vulnerabilities by simulating a real attack.
Guard team capability uplift: Exercise and identify capability gaps in your guarding team, and deliver the training, knowledge and equipment required to upskill and improve.
Foreign interference: why GLAM is a target
While radicalisation and politically motivated violence is a primary concern for Australia, foreign interference remains a persistent threat.
Why culturals are attractive targets
Cultural institutions are uniquely useful to foreign actors because they provide:
prestige and access (openings, donor events, VIP lists),
trusted public platforms (exhibitions, speakers, cultural diplomacy),
networks of diaspora communities and interest groups,
and influence - reputational development and influence can be the aim.
GLAM is also vulnerable to subtle tradecraft because so much of our work relies on:
volunteers,
contractors and touring exhibition staff,
academic partnerships,
gifts and donations,
and open access visitor environments.
What foreign interference can look like in GLAM (practical indicators)
In 2026, the risks for culturals includes:
Relationship targeting of staff/curators/executives through professional networks and LinkedIn,
donor influence and coercive philanthropy,
pressure campaigns linked to contested exhibitions or historical narratives,
access exploitation during visits, events and openings, and
cyber-enabled collection of internal comms and leverage
The PSPF Requirements
For Australian Government entities, the PSPF explicitly requires an insider threat program and active management of foreign ownership, control or influence (FOCI) risks.
How Culture Collab can assist:
PSPF compliant insider threat programs and FOCI risk assessments.
Training for high risk positions.
Travel security and safety briefings.
The Culture Collab perspective: a resilient, safe and welcoming environment
We develop context-aware, effective security controls and programs that enable the objectives of institutions while providing a safe and welcoming environment for visitors. It’s cultrual security developed with a depth of experience and knowledge.
Two key frameworks guide and support cultural security in the current environment:
1. The Crowded Places Strategy baseline
The crowded places guidance is designed to help venue operators identify proportionate protective measures and uplift readiness when necessary.
Consider doing this in 2026:
run protective assessments for events, festivals, openings
design for rapid lockdown/safe evacuation in specific areas
test communications (including incident comms to public)
2. Review PSPF Release 2025 and prepare for a Release 2026
PSPF Release 2026 is likely to respond to the emerging threat environment where violent extremism is a primary concern.
PSPF Release 2025 signalled where other protective security expectations are moving, particularly in cyber, personnel security, and technology risk:
The cyber and technology bar moved
PSPF Release 2025 introduced new or expanded policy content dealing explicitly with emerging technology risk, including artificial intelligence, quantum computing, and connected peripheral technologies.
Personnel and information security were updated
The release included policy changes in personnel security and information security, reflecting the degraded security environment.
Gateway security and Systems of Government Significance were elevated
Release 2025 gave authority to new Australian Government security standards relating to Gateway Security and Systems of Government Significance (SoGS).
When will the PSPF be updated again?
It’s reasonable to expect the next major release in mid-2026, consistent with the recent annual release cycle. Between annual releases, the PSPF shifts quickly via Protective Security Directions issued when risks increase.
Three trends on the 2026 security agenda for Australian culturals
Human response capability becomes the differentiator
The Louvre demonstrated the critical importance of security response: collection items can leave the building before the security incident management system stabilises.
With AI detection improving to operationally useful levels, we’ll need capable, trained and equipped human responders.
2. Issues motivated activity evolves: from spectacle to disruption
Consider the possibility of:
digital campaigns targeting staff, board members and ministers
events booked under pseudonyms
strategic reputational pressure around exhibitions, speakers or performers
nuisance and hoax activity
3. Convergence of Visitor Services, Security and Safety
More institutions will move towards formalising front of house teams with skills across visitor experience, safety, security and conservation reporting.
In public facing open sites like ours, front of house staff are often the earliest detection and response system across a range of hazard categories but only if they’re trained, supported and connected to response pathways.
Look out for Culture Collab’s Cultural Guardian training skill set for frontline staff in 2026.
Conclusion: resilient, safe, welcoming and engaging
Our security goal for 2026 is to contribute to improving Australia’s social cohesion and national security through resilient, safe, welcoming and engaging cultural spaces.
If you’d like to discuss your security focus in 2026, please email or call 0404 841 766.