This page lists publications on governance strategies that can be applied to improve cyber security.
Cyber Incident Management Arrangements for Australian Governments
The CIMA provides Australian governments with guidance on how they will collaborate in response to, and reduce the harm associated with, national cyber incidents.
Mergers, Acquisitions and Machinery of Government Changes
This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.
Planning for Post-Quantum Cryptography
A cryptographically relevant quantum computer (CRQC) will render most contemporary public key cryptography insecure, thus making ubiquitous secure communications based on current public key cryptography technology infeasible. As the creation of a CRQC presents new cyber security risks, organisations are encouraged to consider anticipating future requirements and dependencies of vulnerable systems during the transition to post-quantum cryptography (PQC) standards.
Preparing for and Responding to Cyber Security Incidents
The Australian Signals Directorate (ASD) is responsible for monitoring and responding to cyber threats targeting Australian interests. Reporting cyber security incidents to ASD ensures that timely assistance can be provided, if required. This may be in the form of investigations or remediation advice.
Preparing for and Responding to Denial-of-Service Attacks
Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.
Questions for Boards to Ask About Cyber Security
Information on the importance of cyber security for board members in protecting their organisation and shareholders.
Vulnerability Disclosure Programs Explained
A vulnerability disclosure program (VDP) is a collection of processes and procedures designed to identify, verify, resolve and report on vulnerabilities disclosed by people who may be internal or external to organisations. The importance of developing, implementing and maintaining a well thought-out VDP cannot be underestimated. It is an integral part of professional organisations’ business operations.