Search

Strategies to mitigate cyber security incidents   Publication

Feb 1, 2017 - The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help organisations mitigate cyber security incidents caused by various cyber threats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

Foundations for modern defensible architecture   Publication

Oct 23, 2025 - The Foundations represent the first step to help organisations adopt a ‘modern defensible architecture’ approach, which will enable them to evolve alongside the threat landscape.

Guidelines for communications systems   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on communications systems.

Protect yourself from ransomware   Guidance

Feb 12, 2025 - A ransomware attack could block you from accessing your device or the information on it. Take some time to consider how a ransomware attack might affect you.

Preventing business email compromise   Guidance

Apr 11, 2023 - There are many easy steps and actions you can take now to protect your business. Learn about the simple, cost-effective and immediately beneficial protective measures you can implement.

Critical Infrastructure Uplift Program (CI-UP)   Program

Apr 16, 2024 - The Critical Infrastructure Uplift Program (CI-UP) offers a range of services that assist critical infrastructure (CI) partners to improve their resilience against cyber attacks.

Gateway security guidance package: Gateway technology guides   Publication

Jul 29, 2025 - This guidance is one part of a package of documents that forms the gateway security guidance package. When designing, procuring, operating, maintaining or disposing of a gateway, it is important to consider all the documents from the gateway security guidance package at different stages of governance, design and implementation, and not to consume this guidance in isolation.

Are you ready for Australian domain name changes?   Alert

Aug 8, 2022 - Australians have until 20 September 2022 to seek priority allocation of an .au direct domain name that matches their existing domain name.

Be Ready - auDA Domain Name Changes   News

Mar 23, 2022 - The new domain name category could leave your business or organisation open to fraudulent cyber activity, such as business email compromise.

Windows event logging and forwarding   Publication

Oct 6, 2021 - This publication has been developed as a guide to the setup and configuration of Microsoft Windows event logging and forwarding.

Joint advisory released for Managed Service Providers and Customers to mitigate cybersecurity risks   News

May 12, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has today joined with international cyber security agency partners, to warn Managed Service Providers (MSP) of pressing cyber risks and provide guidance on suitable mitigations for them and their customers.

Security configuration guide: Apple iOS 14 devices   Publication

Oct 6, 2021 - ASD has developed this guide to assist Australians to understand risks when deploying iOS 14 devices and the security requirements that need to be met to allow them to handle classified data.

Implementing multi-factor authentication   Publication

Nov 27, 2023 - This publication has been developed to provide guidance on what multi-factor authentication is, different multi-factor authentication methods that exist and why some multi-factor authentication methods are more secure, and therefore more effective, than others.

The Commonwealth Cyber Security Posture in 2020   Reports and statistics

Jun 10, 2021 - The Commonwealth Cyber Security Posture Report in 2020 informs the Parliament of the status of the Commonwealth’s cyber security posture. Overall, the report found that Commonwealth entities continued to improve their cyber security in 2020. Ongoing effort is required to maintain the currency and effectiveness of cyber security measures.

Secure your NAS device   Guidance

Nov 29, 2024 - Protect your network-attached storage (NAS) device and the important data it holds with this guide.

The Commonwealth Cyber Security Posture in 2023   Reports and statistics

Nov 16, 2023 - The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cyber security measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.

The Commonwealth Cyber Security Posture in 2024   Reports and statistics

Dec 5, 2024 - The Commonwealth Cyber Security Posture in 2024 informs the Australian Parliament on cyber security measures implemented across the Australian Government for the 2023–24 financial year.

Progress ongoing to improve the Australian Government’s cyber resilience   News

Feb 12, 2026 - The 2025 Commonwealth Cyber Security Posture Report highlights ongoing progress in implementing the Australian Signals Directorate’s Essential Eight mitigation strategies.

Information stealer malware   Guidance

Jul 15, 2025 - Information stealer malware is a type of malware designed to steal sensitive data from devices. This can include user credentials, browser data and more.

Small business cyber security guide   Publication

Jun 16, 2023 - This guide includes basic security measures to help protect your business against common cyber threats.