Latest publications 04 Dec 2025 Principles for the secure integration of Artificial Intelligence in Operational Technology This publication provides guidance for critical infrastructure owners and operators for integrating AI into operational technology (OT) environments. It outlines key principles to leverage the benefits of AI in OT systems while minimising risk. 20 Nov 2025 Bulletproof defense: mitigating risks from bulletproof hosting providers This document provides internet service providers (ISPs) and network defenders recommendations to mitigate potential cybercriminal activity enabled by bulletproof hosting (BPH) providers. 31 Oct 2025 Microsoft Exchange Server security best practices This paper—authored by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), and Canadian Centre for Cyber Security (Cyber Centre)—provides security best practices for administrators on hardening on-premises (on-prem) Exchange. All publications Title AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 04 Sep 2025 End of support for Microsoft Windows and Microsoft Windows server Support for Microsoft Windows and Microsoft Windows Server users following the expiration of the specified servicing timeline. 26 Aug 2025 Managing cryptographic keys and secrets This guide has been developed to help organisational personnel in understanding the threat environment and the value of implementing secure keys and secrets management to make better informed decisions. 14 Aug 2025 Foundations for OT cybersecurity: Asset inventory guidance for owners and operators This guidance outlines how OT owners and operators can create and maintain an asset inventory and OT taxonomy, to protect their most vital assets. It includes steps for defining scope and objectives for the inventory, identifying assets, collecting attributes, creating a taxonomy, managing data, and implementing asset life cycle management. 29 Jul 2025 Gateway security guidance package: Gateway security principles Guidance written for audiences responsible for the procurement, operation and management of gateways. 29 Jul 2025 Gateway security guidance package: Gateway technology guides This guidance is one part of a package of documents that forms the gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation. 29 Jul 2025 Gateway security guidance package: Overview This page provides an overview of ASD’s Gateway security guidance package. Pagination Previous page ‹‹ Page 4 Next page ›› Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary