Search

Resources for business and government  

Resources for business and government on cybersecurity.

Cyber Incident Management Arrangements for Australian Governments   Publication

Sep 18, 2023 - The CIMA provides Australian governments with guidance on how they will collaborate in response to, and reduce the harm associated with, national cyber incidents.

Cyber Incident Management Arrangements for Australian Governments   News

Dec 18, 2018 - Australia’s Cyber Incident Management Arrangements (CIMA) outlines the inter-jurisdictional coordination arrangements and principles for Australian governments’ cooperation in response to national cyber incidents.

Mergers, acquisitions and Machinery of Government changes   Publication

Jun 10, 2022 - This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.

Iranian Government-Sponsored APT Cyber Actors   Alert

Nov 17, 2021 - FBI and CISA have observed an Iranian government-sponsored APT group that are exploiting vulnerabilities to gain access to systems. The APT group has exploited the same Microsoft Exchange vulnerability in Australia.

Phone scams impersonating Australian businesses and government agencies   Alert

Aug 13, 2020 - Cybercriminals are spoofing Australian mobile numbers and pretending to be from an Australian Government agency, delivery company or business, manipulating the individual to gain access to their device.

Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities   Advisory

Nov 22, 2021 - Iranian government-sponsored APT actors are actively targeting a broad range of victims across multiple U.S. critical infrastructure sectors, including the Transportation Sector and the Healthcare and Public Health Sector, as well as Australian organisations.

Who we are  

Oct 25, 2022 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) leads the Australian Government’s efforts to improve cyber security. Our role is to help make Australia the most secure place to connect online.

Joint statement - Digital Transformation Agency and Australian Signals Directorate - Secure Internet Gateways update   News

Nov 1, 2021 - The Australian Government is further strengthening the ICT systems of Government entities by enhancing its Secure Internet Gateway (SIG) policy and through the Cyber Hubs initiative. The Digital Transformation Agency (DTA) is working on these initiatives with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).

SVR cyber actors adapt tactics for initial cloud access   Advisory

Feb 27, 2024 - How SVR-attributed actors are adapting to the move of government and corporations to cloud infrastructure.

Accessibility  

Feb 15, 2021 - Under the Disability Discrimination Act 1992, Australian Government agencies are required to ensure information and services are provided in a non-discriminatory, accessible manner.

Advice for Malicious Cyber Activity by Iran   News

Sep 15, 2022 - Australian organisations are urged to be alert to continued malicious cyber activity conducted by Advanced Persistent Threat (APT) actors, assessed to be affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC).

Cyber Safety and Security in Sport   News

Jun 8, 2023 - Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is partnering with Sport Integrity Australia and the Office of the e-Safety Commissioner to deliver the Cyber Safety and Security in Sport course. The course is part of the ASD’s ACSC's commitment to work with industry and government to strengthen Australia’s cyber security posture.

Single Reporting Portal   Guidance

Nov 22, 2023 - To help you meet your reporting responsibilities, the Australian Government has brought together a list of Commonwealth legislative reporting requirements that could be triggered by a cybersecurity incident.

Annual Cyber Threat Report 2023-2024   Reports and statistics

Nov 20, 2024 - ASD’s Annual Cyber Threat Report 2023–24 provides an overview of the key cyber threats impacting Australia, how ASD’s ACSC is responding and cyber security advice for Australian individuals, organisations and government to protect themselves online.

IRAP training partnership   News

Feb 23, 2021 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is partnering with organisations in South Australia and the ACT to deliver cyber security assessment training services for Australian business and organisations.

Cloud computing security for executives   Publication

Jan 18, 2024 - This publication is designed to provide executives from organisations looking to utilise cloud computing services an overview of the components that make up ‘cloud’ and help understand the security risks to be considered when using cloud computing.

ASD’s role in cybersecurity: For legal practitioners   Guidance

Dec 11, 2024 - During a cybersecurity incident, or suspected cybersecurity incident, our goal is to work with impacted organisations, their legal representation, and any external vendors engaged to investigate an incident on behalf of the organisation.

Gateway security guidance package: Executive guidance   Publication

Jul 29, 2022 - The purpose of this guidance is to inform decision-makers at the executive level of their responsibilities, the appropriate considerations needed to make informed risk-based decisions, and to meet policy obligations when leading the design or consumption of their organisation’s gateway services.

Supporting Australian organisations through a cybersecurity incident   Guidance

Dec 18, 2024 - Malicious cyber activity continues to pose a significant risk to Australia’s security and prosperity. Australian organisations that have been, or may be impacted by a cybersecurity incident, are encouraged to reach out to the Australian Signal’s Directorate (ASD) to seek  technical incident response advice and assistance.

Safeguard your business from cyber threats with the Australian Signals Directorate    News

May 13, 2024 - Australian business owners and organisations can access advice from the Australian Signals Directorate (ASD) to stay secure online.

Cyber sanction imposed on Russian cybercriminal for 2022 Medibank Private compromise   News

Jan 23, 2024 - Today Australia has imposed a cyber sanction under the Autonomous Sanctions Act 2011 on Russian national Aleksandr Ermakov for his role in the compromise of Medibank Private in 2022. This is the first time a sanction has been imposed under the Act.

Practical cyber security tips for business leaders   News

Jan 17, 2024 - Business leaders are at higher risk of a cyber incident due to the information they have access to, the people they interact with and the influence they have.

Securing Customer Personal Data for Small to Medium Businesses   News

Nov 17, 2023 - As data breaches increasingly impact Australian businesses and their customers, it’s crucial for businesses to improve their data security practices and ensure their customers’ personal data is handled appropriately.

The Commonwealth Cyber Security Posture in 2020   Reports and statistics

Jun 10, 2021 - The Commonwealth Cyber Security Posture Report in 2020 informs the Parliament of the status of the Commonwealth’s cybersecurity posture. Overall, the report found that Commonwealth entities continued to improve their cybersecurity in 2020. Ongoing effort is required to maintain the currency and effectiveness of cybersecurity measures.

Cyber resources for small businesses   News

Feb 11, 2022 - Last December, the Council of Small Business Organisations Australia (COSBOA) co-hosted an Act Now, Stay Secure breakfast at the National Portrait Gallery, along with the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the Department of Home Affairs.

Safer Internet Day 2021   News

Feb 9, 2021 - Safer Internet Day on 9 February 2021 aims to raise awareness of emerging online issues and share strategies everyone can use for staying secure online.

Best practices for event logging and threat detection   Publication

Aug 22, 2024 - This publication defines a baseline for event logging best practices to mitigate cyberthreats.

Gateway security guidance package: Overview   Publication

Jul 29, 2022 - This page provides an overview of ASD’s Gateway security guidance package.

BADBAZAAR and MOONSHINE: Spyware targeting Uyghur, Taiwanese and Tibetan groups and civil society actors   Advisory

Apr 9, 2025 - This advisory is jointly produced by government agencies from the UK, Australia, Canada, Germany, New Zealand, and the US and is supported by members of the NCSC’s Cyber League. Its purpose is to raise awareness about the growing threat that malicious cyber actors pose to individuals connected to topics including Taiwan, Tibet, Xinjiang Uyghur Autonomous Region, democracy movements and the Falun Gong.