This page lists publications on governance strategies that can be applied to improve cyber security.

An introduction to Artificial Intelligence

Artificial Intelligence (AI) is an emerging technology that will play an increasingly influential role in the everyday life of Australians.

Cyber Incident Management Arrangements for Australian Governments

The CIMA provides Australian governments with guidance on how they will collaborate in response to, and reduce the harm associated with, national cyber incidents.

Engaging with Artificial Intelligence

The purpose of this paper is to provide organisations with guidance on how to use Artificial Intelligence (AI) systems securely. The paper summarises some important threats related to AI systems and includes cyber security mitigation strategies to aid organisations in engaging with AI while managing risk. It provides mitigations to assist both organisations that maintain their own AI systems and organisations that use third-party AI systems.

Mergers, Acquisitions and Machinery of Government Changes

This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.

Planning for Post-Quantum Cryptography

A cryptographically relevant quantum computer (CRQC) will render most contemporary public key cryptography insecure, thus making ubiquitous secure communications based on current public key cryptography technology infeasible. As the creation of a CRQC presents new cyber security risks, organisations are encouraged to consider anticipating future requirements and dependencies of vulnerable systems during the transition to post-quantum cryptography (PQC) standards.

Preparing for and Responding to Cyber Security Incidents

The Australian Signals Directorate (ASD) is responsible for monitoring and responding to cyber threats targeting Australian interests. Reporting cyber security incidents to ASD ensures that timely assistance can be provided, if required. This may be in the form of investigations or remediation advice.

Preparing for and Responding to Denial-of-Service Attacks

Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.

Questions for Boards to Ask About Cyber Security

Information on the importance of cyber security for board members in protecting their organisation and shareholders.

Vulnerability Disclosure Programs Explained

A vulnerability disclosure program (VDP) is a collection of processes and procedures designed to identify, verify, resolve and report on vulnerabilities disclosed by people who may be internal or external to organisations. The importance of developing, implementing and maintaining a well thought-out VDP cannot be underestimated. It is an integral part of professional organisations’ business operations.

Was this information helpful?

Thanks for your feedback!


Tell us why this information was helpful and we’ll work on making more pages like it