Aug 12, 2019 - Organisations can reduce the likelihood of their domains being used to support fake emails by implementing Sender Policy Framework (SPF) and Domain-based Message Authentication, Reporting and Conformance (DMARC) records in their Domain Name System (DNS) configuration. Using DMARC with DomainKeys Identified Mail (DKIM) to sign emails provides further safety against fake emails.
Aug 5, 2019 - TLP: WHITE
Aug 1, 2019 - The Australian Cyber Security Centre within the Australian Signals Directorate produces the Australian Government Information Security Manual (ISM). The purpose of the ISM is to outline a cyber security framework that organisations can apply, using their risk management framework, to protect their information and systems from cyber threats.
Jul 18, 2019 - This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.
Jul 4, 2019 - This document provides a mapping between Maturity Level 3 of the Essential Eight Maturity Model and the security controls within the Australian Government Information Security Manual (ISM). This mapping represents the minimum security controls organisations must implement to meet the intent of the Essential Eight.
Jul 3, 2019 - The ACSC has observed a large number of unprotected network and database/storage services hosted on Australian IP address ranges. This exposure may lead to data contained in these services being compromised. The ACSC urges organisations to check their externally facing internet services and ensure appropriate access controls and protections are in place.
Jul 2, 2019 - The Essential Eight Maturity Model provides advice on how to implement the Essential Eight in a phased approach. It also assists organisations in self-assessing the maturity of their implementation.
Jul 1, 2019 - The ACSC has taken over maintenance of the Evaluated Products List (EPL) from ASD. The EPL is a list of ICT security products evaluated by ACSC, and previously the ASD, for use in Australian and New Zealand government agencies.
Jun 25, 2019 - This guidance advises practitioners and executives of government, critical infrastructure, and large organisations the key concepts of cyber supply chain risk management. It is delivered as two complimentary products, a guide for practitioners, and an executive companion.
Jun 12, 2019 - This publication provides guidance on strategies that individuals can take to secure the use of electronic devices when travelling overseas.