Search

Stay ahead of the quantum threat with post-quantum cryptography   News

Sep 22, 2025 - Get updated advice to help your organisation plan and prepare for post-quantum cryptography.

New publication to help small businesses manage cyber security risks from AI   News

Jan 14, 2026 - Learn about the cyber security risks and mitigations you should consider when adopting AI. This publication also includes an example of deploying AI chatbots securely and a cyber security checklist.

Principles for the secure integration of Artificial Intelligence in Operational Technology   Publication

Dec 4, 2025 - This publication provides guidance for critical infrastructure owners and operators for integrating AI into operational technology (OT) environments. It outlines key principles to leverage the benefits of AI in OT systems while minimising risk.

Cyber security terminology   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cyber security terminology.

ASD's ACSC/NCSC collaboration to strengthen cyber security posture   News

Nov 4, 2022 - The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and the UK’s National Cyber Security Centre (NCSC) are committed to improving our respective nation’s cyber security posture and protecting our networks from cyber threats.

Russian State-Sponsored and Criminal Cyber Threats to Critical Infrastructure   Advisory

May 17, 2022 - The cybersecurity authorities of the United States, Australia, Canada, New Zealand, and the United Kingdom are releasing this joint Cybersecurity Advisory (CSA). The intent of this joint CSA is to warn organizations that Russia’s invasion of Ukraine has altered the geopolitical balance in ways that could expose organizations both within and beyond the region to increased malicious cyber activity. This activity may occur as a response to the unprecedented economic costs imposed on Russia as well as materiel support provided by the United States and U.S. allies and partners.

End of support   Guidance

Jul 29, 2024 - ‘End of support’ is when software is no longer support by the product developer that makes it. It will no longer receive security updates, general software updates or technical support.

Guidelines for cryptography   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on cryptography.

Microsoft introduces Exchange Emergency Mitigation service   News

Oct 1, 2021 - Microsoft has launched a new optional protection for Microsoft Exchange servers.

The Commonwealth Cyber Security Posture in 2023   Reports and statistics

Nov 16, 2023 - The Commonwealth Cyber Security Posture in 2023 informs Parliament on the implementation of cyber security measures across the Australian Government for the 2022–23 financial year. According to the Flipchart of PGPA Act Commonwealth entities and companies, as of 30 June 2023 the Australian Government comprised 100 non-corporate Commonwealth entities (NCEs), 72 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs); totalling 189 Australian government entities.

SonicWall devices targeted with ransomware utilising stolen credentials   Alert

Aug 3, 2021 - SonicWall devices are being targeted by a malicious cyber actor as targets for ransomware. The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is aware of likely related activity targeting Australian organisations.

Detecting and mitigating Active Directory compromises   Publication

Jan 22, 2025 - This publication provides an overview of techniques used to compromise Active Directory, and recommended strategies to mitigate these techniques. By implementing the recommendations in this publication, organisations can significantly improve their Active Directory security, and therefore their overall network security posture.

Deploying AI systems securely   Publication

Apr 16, 2024 - AI security is a rapidly evolving area of research. As agencies, industry, and academia discover potential weaknesses in AI technology and techniques to exploit them, organizations will need to update their AI systems to address the changing risks, in addition to applying traditional IT best practices to AI systems.

2021 Top Malware Strains   Advisory

Aug 5, 2022 - This joint Cybersecurity Advisory (CSA) was coauthored by the Cybersecurity and Infrastructure Security Agency (CISA) and the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC).

Hardening Microsoft Windows 10 workstations   Publication

Sep 4, 2025 - This publication provides recommendations on hardening workstations using Enterprise and Education editions of Microsoft Windows 10. While this publication refers to workstations, most recommendations are equally applicable to servers (with the exception of Domain Controllers) using Microsoft Windows Server. Security features discussed in this publication, along with the names and locations of Group Policy settings, are taken from Microsoft Windows 10 version 22H2.

Mitigating cyber security incidents  

Aug 30, 2023 - The Australian Signals Directorate has developed prioritised mitigation strategies to help organisations mitigate cyber security incidents caused by various cyber threats.

Internet of Things devices   Guidance

Apr 11, 2023 - IoT devices can include smart televisions, security cameras and fridges. Learn how to buy and use IoT devices securely.

APT40 Advisory   Advisory

Jul 9, 2024 - This advisory, authored by the Australian Signals Directorate’s Australian Cyber Security Centre and international partners, outlines a People’s Republic of China (PRC) state-sponsored cyber group and their current threat to Australian networks.

Cyber security principles   Advice

Dec 4, 2025 - Follow the Information security manual (ISM)'s cyber security principles to protect information technology and operational technology systems, applications and data from cyber threats.

The Commonwealth Cyber Security Posture in 2022   Reports and statistics

Dec 16, 2022 - The Commonwealth Cyber Security Posture in 2022 (the report) informs Parliament on the implementation of cybersecurity measures across the Commonwealth government, for the period January 2021 to June 2022. As of June 2022, the Commonwealth comprised 97 non-corporate Commonwealth entities (NCCEs), 71 corporate Commonwealth entities (CCEs) and 17 Commonwealth companies (CCs).