Skip to main content

This section of the ISM provides guidance on reporting cyber security incidents.

Reporting cyber security incidents

Reporting cyber security incidents, including unplanned outages, to an organisation’s Chief Information Security Officer (CISO), or one of their delegates, as soon as possible after they occur or are discovered provides senior management with the opportunity to assess damage to systems and their organisation, and to take remedial action if necessary, including seeking advice from the ACSC.

Security Control: 0123; Revision: 3; Updated: Sep-18; Applicability: O, P, S, TS
Cyber security incidents are reported to an organisation’s CISO, or one of their delegates, as soon as possible after they occur or are discovered.

Security Control: 0141; Revision: 4; Updated: Jul-20; Applicability: O, P, S, TS
Service providers report all cyber security incidents to the organisation’s CISO, or one of their delegates, as soon as possible after they occur or are discovered.

Security Control: 1433; Revision: 2; Updated: Jul-20; Applicability: O, P, S, TS
Organisations and service providers maintain 24x7 contact details for each other in order to report cyber security incidents.

Security Control: 1434; Revision: 2; Updated: Jul-20; Applicability: O, P, S, TS
Organisations and service providers provide each other with additional out-of-band contact details for use when normal communication channels fail.

Reporting cyber security incidents to the ACSC

The ACSC uses the cyber security incident reports it receives as the basis for providing assistance to organisations. Cyber security incident reports are also used by the ACSC to identify trends and maintain an accurate threat environment picture. The ACSC utilises this understanding to assist in the development of new or updated cyber security advice, capabilities and techniques to better prevent and respond to evolving cyber threats. Organisations are recommended to internally coordinate their reporting of cyber security incidents to the ACSC.

Security Control: 0140; Revision: 6; Updated: May-19; Applicability: O, P, S, TS
Cyber security incidents are reported to the ACSC.

Further information

Further information on reporting cyber security incidents to the ACSC is available at https://www.cyber.gov.au/acsc/report.