These resources have been developed to help improve your organisation’s cybersecurity.
Australian critical infrastructure networks regularly experience targeted and opportunistic malicious activity. Data from the Annual Cyber Threat Report 2023-24 indicates critical infrastructure are an attractive target for malicious actors.
The 3 most common activity types leading to critical infrastructure-related incidents are:
- compromised account or credentials
- malware infection (other than ransomware)
- compromised asset, network or infrastructure.
By utilising the following resources, your organisation can reduce the potential financial and reputational damages associated with a cybersecurity incident.
Resources for critical infrastructure
Information security manual
A cybersecurity framework to protect your organisation’s systems and data from cyberthreats.
Essential Eight
Implement these 8 essential mitigation strategies to protect your organisations’ internet-connected information technology networks.
Mitigating cybersecurity incidents
Prioritised strategies to help mitigate cybersecurity incidents caused by various cyberthreats.
Operational technology environments
A range of publications to help mitigate security risks to operational technology environments.
Secure by Design
A proactive, security-focused approach to the development of digital products and services that aligns with an organisation’s cybersecurity goals.
Identifying and Mitigating Living Off the Land Techniques
Guidance to help your organisation understand common LOTL techniques and gaps in cyber defence capabilities.
Artificial intelligence
A range of guidance to assist organisations to engage with AI systems in a secure way.
Preparing for and responding to denial-of-service attacks
Guidance to help your organisation to prepare, respond and avoid contributing to denial-of-service attacks.
Cyber security incident response planning: Practitioner guidance
ASD defines a cybersecurity incident as an unwanted or unexpected cybersecurity event, or a series of such events, that has either compromised business operations or has a significant probability of compromising business operations.
Maintaining devices and systems
Hardening systems and applications
Learn more on how to harden your organisation’s systems and administration.
Blueprint for Secure Cloud
This blueprint is an online tool to support the design, configuration and deployment of collaborative and secure cloud and hybrid workspaces.
Secure administration
Guidance to help your organisation understand secure administration.
Report a cybercrime, incident or vulnerability
To report a cybercrime, cybersecurity incident, security vulnerability, or to check an existing ReportCyber report, please select this option to start your reporting journey.
Become an ASD partner
The Australian Signals Directorate's Australian Cybersecurity Partnership Program enables Australian organisations and individuals to engage with the ASD's ACSC and fellow partners. Learn more about ASD’s Partnership Program.
How the ASD’s ACSC can help during a cyber security incident
The Australian Signals Directorate’s Australian Cyber Security Centre’s (ASD's ACSC) incident management capabilities provide technical incident response advice and assistance to Australian organisations that have been impacted, or may be impacted by a cybersecurity incident.
How the ASD’s ACSC can help improve your organisation’s cybersecurity and resilience
The Australian Signals Directorate’s Australian Cyber Security Centre’s (ASD's ACSC) Critical Infrastructure Uplift Program (CI-UP) offers a series of programs that shares uplift and hardening advice along with providing technical assistance to Australian Critical Infrastructure organisations.