Access short, clear video modules to build practical cyber security awareness and skills for privileged ICT users.
Introduction to Privileged User Training (PUT)
As a privileged user, you hold a unique position of trust. Your elevated access to systems and data makes you a primary guardian of your organisation’s security - and a crucial line of defence against cyber threats. Whether you work in government, business, critical infrastructure, or the wider community, your role is vital in keeping your organisation secure and resilient.
This video series is designed to build your expertise and strengthen your cyber security awareness. Through practical guidance and real-world examples, you’ll explore the unique responsibilities, risks, and threats that come with privileged access and learn how to manage your role effectively.
The content aligns with the Australian Government Information Security Manual (ISM) principles for privileged user awareness, and meets the annual training obligations, making it a valuable resource for anyone managing sensitive information or essential systems.
In these modules, you will learn about:
- Hacker tools and techniques: Understand how cyber attackers target systems - and what you can do to protect yours.
- Managing cyber security risk: Practical steps to safeguard your organisation in complex enterprise and digital environments.
- Building a positive security culture: Ways to champion and embed good security practices in everyday work.
- Reducing incidents: Discover simple, practical tactics you can apply to minimise threats and keep information safe.
Each video delivers clear, actionable guidance to help you protect your access, safeguard your organisation, and contribute to a safer digital environment for all.
View and download videos
To view the videos, open the accordions below.
To download a video, click the one you want, then select the ‘vimeo' logo. This will open Vimeo – click the download button. Repeat for each video.
Description:
This module introduces you to the cyber threat landscape and how rapidly it evolves. You will explore how vulnerabilities are discovered and exploited, including the growing threat from state-sponsored actors. The module explains why organisations must move beyond reactive threat management to implement strong, proactive defensive strategies.
Learning Outcomes:
By the end of this module, you will be able to apply a proactive security mindset to your organisation's defences. You will understand why defence-in-depth is considered the gold standard for protection and be able to explain the critical role that regular training and testing play in maintaining strong network security.
Description:
This module asks you to view your organisation from an attacker’s perspective to better anticipate vulnerabilities. You will explore the stages of a targeted cyber intrusion, including reconnaissance, breach, lateral movement, and execution. The module examines how adversaries exploit easy paths such as unpatched software or weak passwords. You will also be introduced to cyber worthiness, which focuses on maintaining operations during a cyberattack.
Learning Outcomes:
By the end of this module, you will be able to explain why no silver bullet solutions exist in cyber security. You will understand why organisations must adopt a layered defence strategy to effectively protect against a range of threats.
Description:
This module uses the castle analogy to illustrate how layered security slows down attackers and buys time for response. You will explore why technical, physical, and governance controls must overlap to create effective cyber security protection. The module examines the relationship between human expertise and automated tools, and introduces the concepts of alert fatigue and set and forget vulnerabilities.
Learning Outcomes:
By the end of this module, you will be able to implement a strong defence- in-depth strategy for your organisation. You will know how to select and tune security tools for your specific network needs to prevent analysts from becoming overwhelmed by notifications. You will also be able to establish processes for rigorous testing, continuous updates, and regular reviews to maintain your security posture over time.
Description:
This module reviews common security failures such as sharing administrator accounts, poor network segmentation, and using legacy protocols. You will be introduced to essential mitigation frameworks including ASD's Essential Eight and the 3-2-1-1-0 rule. The module also covers key technical strategies such as Zero Trust segmentation, universal multi-factor authentication, and dedicated administrative paths and workstations.
Learning Outcomes:
By the end of this module, you will be able to identify and remediate vulnerabilities in your organisation's security posture. You will know how to apply practical techniques to reduce your attack surface and prevent an attacker's lateral movement within your network.
Description:
This module presents a simulated lab activity where an adversary attempts to compromise a network with ineffective cyber security protections. The simulation demonstrates real-world attack techniques and the vulnerabilities that attackers exploit in poorly defended environments.
Learning Outcomes:
By the end of this module, you will be able to recognise how the defence principles covered in these modules work together to prevent network intrusions. You will understand the practical impact of implementing proper security controls versus leaving systems unprotected.
Description:
This module explores how risk management tools support decision-making and bridge the communication gap between technical teams and executives. You will examine the distinction between meeting compliance requirements and maintaining genuine security through ongoing effort. The module introduces various adversary profiles, from activist groups to insider threats, to broaden your understanding of the threat landscape.
Learning Outcomes:
By the end of this module, you will be able to apply risk management frameworks to make informed security decisions in your organisation. You will be able to communicate complex technical issues effectively to non-technical stakeholders. You will also be able to build and refine comprehensive threat models by analysing different types of adversaries and their motivations.
Description:
This module explores the importance of establishing baselines for normal activity to effectively identify anomalies such as rogue queries or configuration drift. You will learn about creating meaningful logs that provide context rather than just raw data. The module also clarifies the differences between events, alerts, and incidents, and explains why human analysis is essential for final determinations.
Learning Outcomes:
By the end of this module, you will understand your role during a security breach and how to support incident response effectively. You will know how to stay calm, follow your organisation's official incident response plan, and assist security teams without inadvertently alerting the attacker to your organisation's response activities.
Description:
This module explores how shared values and behaviours shape an organisation's security posture. You will be introduced to the six pillars of operational excellence: formality, procedural compliance, level of knowledge, questioning attitude, forceful backup, and integrity. The module examines how executives serve as role models for good risk management and how incentives can encourage a proactive security culture. You will also explore how embedding security into daily work protects organisational reputation and maintains stakeholder trust.
Learning Outcomes:
By the end of this module, you will be able to apply the six pillars of operational excellence to strengthen your organisation's security culture. You will understand how to maintain strong safety practices in complex technical environments and recognise the behaviours that support sustained security improvements.
Description:
This module explores the human element of cyber security and how attackers exploit psychological triggers such as urgency, authority, and scarcity to manipulate victims. You will be introduced to defensive techniques including sandboxing for malware analysis and using open-source intelligence to identify early warning signs of threats. The module concludes with future-focused topics including secure AI development, cryptographic agility, and the transition to quantum-resistant encryption standards by 2030 to defend against emerging quantum computing threats.
Learning Outcomes:
By the end of this module, you will be able to recognise how adversaries use psychological manipulation to compromise security, and identify protective measures your organisation can implement. You will understand how to apply techniques like sandboxing and open-source intelligence gathering to detect and analyse threats proactively. You will also be able to prepare your organisation for next-generation security challenges by understanding the requirements for secure AI systems and the transition to quantum-resistant cryptographic frameworks.
Up next
Secure administration
Privileged access allows administrators to perform their duties, and is often seen as the ‘keys to the kingdom’. This publication provides guidance on how to implement secure administration techniques as part of the management of privileged access.
Information security manual
The Information security manual (ISM) is a cyber security framework that an organisation can apply, using their risk management framework, to protect their information technology and operational technology systems from cyber threats