This page lists publications on governance strategies that can be applied to improve cybersecurity within organisations.
Mergers, acquisitions and Machinery of Government changes
This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.
Planning for post-quantum cryptography
A cryptographically relevant quantum computer (CRQC) will render most contemporary public key cryptography insecure, thus making ubiquitous secure communications based on current public key cryptography technology infeasible. As the creation of a CRQC presents new cybersecurity risks, organisations are encouraged to consider anticipating future requirements and dependencies of vulnerable systems during the transition to post-quantum cryptography (PQC) standards.
Practical cybersecurity tips for business leaders
Business leaders can be appealing targets for malicious actors due to the sensitive information they can access, the important people they interact with and the influence they hold. This publication includes a checklist of practical tips business leaders can implement to improve their cybersecurity. The checklist is followed by a brief explanation of each tip and why it is recommended.
Questions for the board of directors to ask about cybersecurity
Information on the importance of cybersecurity for the board of directors in protecting their organisation and shareholders.
Ten things to know about data security
This publication has been developed to assist business owners and information technology managers, particularly those unfamiliar with cybersecurity, with ten things they should know about data security.
Vulnerability disclosure programs explained
A vulnerability disclosure program (VDP) is a collection of processes and procedures designed to identify, verify, resolve and report on vulnerabilities disclosed by people who may be internal or external to organisations. The importance of developing, implementing and maintaining a well thought-out VDP cannot be underestimated. It is an integral part of professional organisations’ business operations.