You can search for keywords to find pages that can help you e.g. scam
Contact us
Portal login
back to main menu
Learn about who we are and what we do.
Interactive tools and advice to boost your online safety.
Advice and information about how to protect yourself online.
Common online security risks and advice on what you can do to protect yourself.
Respond to cyber threats and take steps to protect yourself from further harm.
Resources for business and government agencies on cyber security.
Displaying search results for Displaying 241 - 270 of 661 results.
System hardening
Dec 2, 2020 - This page lists publications on the hardening of applications and IT equipment.
The Commonwealth Cyber Security Posture in 2023 Reports and statistics
Nov 16, 2023 - The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cyber security measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.
Report and recover from a data breach Guidance
Jul 14, 2023 - A data breach occurs when sensitive or personal information is accessed, disclosed or exposed to unauthorised people.
SDBBot targeting health sector Alert
Nov 12, 2020 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has observed increased targeting activity against the Australian health sector by actors using the SDBBot Remote Access Tool (RAT).
Be Ready - auDA Domain Name Changes News
Mar 23, 2022 - The new domain name category could leave your business or organisation open to fraudulent cyber activity, such as business email compromise.
Guidelines for secure AI system development Publication
Nov 27, 2023 - This document recommends guidelines for providers of any systems that use artificial intelligence (AI), whether those systems have been created from scratch or built on top of tools and services provided by others. This document is aimed primarily at providers of AI systems who are using models hosted by an organisation, or are using external application programming interfaces (APIs).
Gateway security guidance package: Gateway operations and management Publication
Jul 29, 2022 - This guidance is one part of a package of documents that forms the Australian Signals Directorate (ASD)’s Gateway security guidance package written for audiences responsible for the operation and management of gateways.
Archived Alerts and Advisories
Jan 23, 2025 - Search archived cyber security alerts and advice
Cloud Services Program page
Feb 24, 2023 - The Cloud Services Certification Program (CSCP) ceased on 2 March 2020. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) ceased the Certified Cloud Services List (CCSL) on 27 July 2020 and concurrently released the Cloud Security Guidance package.
Small business
Jun 15, 2023 - Basic steps to protect your business and staff from cyberthreats. Our guide has information and resources to help you and your staff prepare for cyberattacks.
System administration
Dec 3, 2020 - This page lists publications on securely administering systems.
Legacy IT management
Apr 11, 2024 - This page lists publications on managing the risks posed by legacy IT.
How to manage your security when engaging a Managed Service Provider Publication
Oct 6, 2021 - Understand the actions organisations can take to manage the security risks posed by engaging and authorising network access for managed service providers.
Shop online securely this holiday season News
Nov 8, 2023 - The holiday season is fast approaching and more Australian’s than ever are shopping online. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) are reminding Australians to be cyber secure when shopping online.
Are you ready for Australian domain name changes? Alert
Aug 8, 2022 - Australians have until 20 September 2022 to seek priority allocation of an .au direct domain name that matches their existing domain name.
Phone scams impersonating Australian businesses and government agencies Alert
Aug 13, 2020 - Cybercriminals are spoofing Australian mobile numbers and pretending to be from an Australian Government agency, delivery company or business, manipulating the individual to gain access to their device.
Cloud security guidance
Jan 18, 2024 - This page lists publications on securing the use of cloud computing services.
Russian GRU targeting Western logistics entities and technology companies Advisory
May 22, 2025 - This joint cybersecurity advisory (CSA) highlights a Russian state-sponsored cyber campaign targeting Western logistics entities and technology companies.
Essential Eight explained Publication
Nov 27, 2023 - This publication provides an overview of the Essential Eight.
MSP Investigation Report Reports and statistics
Dec 21, 2018 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) investigation report details the theft of commercial secrets, data and information from the Australian arm of a multinational construction services company via their Managed Service Provider.
Detecting and mitigating Active Directory compromises Publication
Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.
Securing customer personal data Guidance
Jul 30, 2024 - This guide is focused specifically on the protection of customers’ personal data. Guidance on general cybersecurity for businesses can be found in the Small business cybersecurity guide and the Strategies to mitigate cybersecurity incidents published by ASD’s ACSC.
Cross Domain Solutions
Dec 3, 2020 - This page lists publications on security domains and trust boundaries.
Cyber Skills Framework Publication
Sep 10, 2020 - The Cyber Skills Framework enables targeted recruitment of cyber specialists, provides a development pathway for current and future cyber staff, and aligns skills, knowledge and attributes with national and international industry standards.
Incident response
Apr 12, 2024 - This page lists publications on preparing for and responding to cybersecurity incidents.
Managed service providers: How to manage risk to customer networks Publication
Oct 6, 2021 - There are several mitigation strategies that managed service providers can implement to protect their own networks and manage the security risks posed to their customers’ networks.
Guidelines for cybersecurity incidents Advice
Mar 18, 2025 - This chapter of the Information security manual (ISM) provides guidance on cybersecurity incidents.
Marketing and filtering email service providers Publication
Oct 6, 2021 - This publication provides high level guidance on how to use email service providers (ESPs) in particular deployment scenarios. The considerations and controls described in that publication also apply to ESPs sending email on other organisations’ behalf.
Implementing certificates, TLS, HTTPS and opportunistic TLS Publication
Oct 6, 2021 - Transport Layer Security (TLS) is a widely used encryption protocol which enables parties to communicate securely over the internet. Through the use of certificates and Public Key Infrastructure (PKI), parties can identify each other through a trusted intermediary and establish encrypted tunnels for the secure transfer of information.
Email hardening
Apr 11, 2023 - This page lists publications on the hardening of message exchange via electronic mail.
