In this section, you will find advice and guidance focused on large organisations, including strategies on how to prevent and respond to cyber incidents; ensure appropriate levels of education and awareness for your workforce; managing supply chain risks; and communicating the importance of good cyber security to executives and customers.
The Australian Cyber Security Centre (ACSC) has published advice on COVID-19 themed malicious cyber activity. Our guidance will help you protect your systems, data and personal information during the COVID-19 pandemic. We will continue to mitigate and disrupt these COVID-19 related scams and we encourage Australians to remain vigilant and maintain strong cyber security practices during this time.
The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies to help cyber security professionals in all organisations mitigate cyber security incidents caused by various cyber threats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.
All organisations should consider cyber supply chain risk management. If another organisation is involved in the delivery of a product or service to your organisation, there will be a cyber supply chain risk originating from that organisation. Likewise, your organisation will transfer any cyber supply chain risk you hold to your customers. Effective cyber supply chain risk management ensures, as much as possible, the secure supply of products and services for systems throughout their lifetime. For products, this includes their design, manufacture, delivery, maintenance and disposal. As such, cyber supply chain risk management forms a significant component of any organisation’s overall cyber security strategy.