Latest publications 31 Oct 2025 Microsoft Exchange Server security best practices This paper—authored by the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC), and Canadian Centre for Cyber Security (Cyber Centre)—provides security best practices for administrators on hardening on-premises (on-prem) Exchange. 30 Oct 2025 Cyber security priorities for boards of directors 2025-26 This advice outlines questions boards can ask of management and their organisation to understand its cyber security posture in the current cyber threat environment. 28 Oct 2025 Creating and maintaining a definitive view of your operational technology architecture How organisations who deploy or operate operational technology systems should build, maintain and store their systems understanding. All publications Title AudienceIndividuals & familiesSmall & medium businessesOrganisations & Critical InfrastructureGovernment Sort by Sort byDate updated (new to old)Date updated (old to new)Title (A-Z)Title (Z-A) Items per page 61218243036424854606672788490200 02 Oct 2024 Essential Eight maturity model and ISM mapping This publication provides a mapping between the Essential Eight and the controls within the Information security manual (ISM). 22 Aug 2024 Best practices for event logging and threat detection This publication defines a baseline for event logging best practices to mitigate cyber threats. 30 Jul 2024 Secure by Design foundations ASD’s ACSC's Secure by Design foundations represent a first step in a new approach to assist technology manufacturers and customers to adopt Secure by Design. While the foundations are primarily designed to foster discussion within technology manufacturers on how to best approach Secure by Design, they contain relevant information and actions for technology customers. 27 Jun 2024 Exploring memory safety in critical open source projects This publication follows the December 2023 release of The Case for Memory Safe Roadmaps, which recommended software manufacturers create memory safe roadmaps, including plans to address memory safety in external dependencies, which commonly include open source software (OSS). Today’s publication provides a starting point for these roadmaps by investigating the scale of memory safety risk in selected OSS. 12 Jun 2024 Managing the risks of legacy IT: Executive guidance This publication provides high-level and strategic guidance for an organisation’s executive seeking to manage the risks of legacy IT. 12 Jun 2024 Managing the risks of legacy IT: Practitioner guidance This publication provides guidance for practitioners on managing the risks posed by legacy IT and outlines low-cost mitigations that organisations can draw upon. Pagination Previous page ‹‹ Page 9 Next page ›› Alerts and Advisories Advice, guidance and publications Reports and statistics News Programs Glossary