Search

Engaging with artificial intelligence   Publication

Jan 24, 2024 - The purpose of this paper is to provide organisations with guidance on how to use artificial intelligence (AI) systems securely. The paper summarises some important threats related to AI systems and includes cybersecurity mitigation strategies to aid organisations in engaging with AI while managing risk. It provides mitigations to assist both organisations that maintain their own AI systems and organisations that use third-party AI systems.

Assessment and evaluation programs  

Sep 3, 2025 - ASD's ACSC's programs and resources to support the assessment and evaluation of information security and critical infrastructure.

Types of scams   Guidance

Learn about the common types of scams, how to identify them and how to recover from them.

Identifying cyber supply chain risks   Publication

May 22, 2023 - This guidance has been developed to assist organisations in identifying risks associated with their use of suppliers, manufacturers, distributors and retailers (i.e. businesses that constitute their cyber supply chain).

Modern defensible architecture for senior decision-makers   Publication

Oct 23, 2025 - ASD’s ACSC and the following international partners present this guidance to assist senior decision-makers to understand the contemporary threat landscape and how modern defensible architecture can support organisations to defend against current threats and prepare for future threats.

Business Continuity in a Box   Guidance

Aug 21, 2024 - Business Continuity in a Box assists organisations to swiftly and securely stand up critical business functions during or following a cybersecurity incident that has affected the availability or trust of existing systems.

Guidelines for communications systems   Advice

Dec 4, 2025 - This chapter of the Information security manual (ISM) provides guidance on communications systems.

How to manage your security when engaging a managed service provider   Publication

Oct 6, 2021 - Understand the actions organisations can take to manage the security risks posed by engaging and authorising network access for managed service providers.

Security configuration guide: Samsung Galaxy S10, S20 and Note 20 devices   Publication

Oct 6, 2021 - ASD has developed this guide to assist Australian’s to understand risks when deploying Samsung Galaxy and Samsung Note devices and the security requirements that need to be met to allow them to handle classified data.

SVR cyber actors adapt tactics for initial cloud access   Advisory

Feb 27, 2024 - How SVR-attributed actors are adapting to the move of government and corporations to cloud infrastructure.

Best practices for event logging and threat detection   Publication

Aug 22, 2024 - This publication defines a baseline for event logging best practices to mitigate cyber threats.

Glossary  

List of glossary terms used on cyber.gov.au website

COVID-19 themed malicious cyber activity   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.

Protect your children online: A guide to cybersecurity for parents and carers   Guidance

May 2, 2024 - The steps in this guide can help you ensure that your children stay safe and secure online.

Implementing SIEM and SOAR platforms   Guidance

May 27, 2025 - SIEM and SOAR platforms can greatly benefit your organisation by collecting, centralising, and analysing important data, detecting cyber security events and incidents and prompting timely intervention.

Malicious insiders   Threat

Jun 23, 2020 - Malicious insiders can be employees, former employees, contractors or business associates who have legitimate access to your systems and data, but use that access to destroy data, steal data or sabotage your systems. It does not include well-meaning staff who accidentally put your cyber security at risk or spill data.

Preparing for and responding to denial-of-service attacks   Publication

Mar 17, 2025 - Although organisations cannot avoid being targeted by denial-of-service attacks, there are a number of measures that organisations can implement to prepare for and potentially reduce the impact if targeted. Preparing for denial-of-service attacks before they occur is by far the best strategy, it is very difficult to respond once they begin and efforts at this stage are unlikely to be effective.

Mergers, acquisitions and Machinery of Government changes   Publication

Jun 10, 2022 - This publication provides guidance on strategies that organisations can apply during mergers, acquisitions and Machinery of Government changes.

Contact us  

Feb 25, 2023 - Contact ASD's ACSC for general enquiries and media enquiries.

Threat update: COVID-19 malicious cyber activity 27 March 2020   Advisory

Mar 27, 2020 - This update is designed to raise awareness of increasing COVID-19 themed malicious cyber activity, and provide practical cyber security advice that organisations and individuals can follow to reduce the risk of being impacted.