Cybersecurity

The Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC) leads the Australian Government's efforts on cybersecurity. It brings together capabilities to improve the cyber resilience of the Australian community and help make Australia the most secure place to connect online.

What we do

ASD is committed to making Australia the most secure place to connect online. We do this by comprehensively understanding the cyberthreats, and providing proactive advice and assistance to improve cyber posture and resilience risk management by government, businesses and the community. When serious cyber incidents occur, ASD leads the Australian Government response to help mitigate the threat and strengthen defences.

In an environment where technology plays an increasing role in the daily lives of Australians, our cybersecurity functions continue to be critical in supporting national security and prosperity. Australia continues to be targeted by a range of actors who conduct persistent cyber operations that pose significant threats to Australia, ASD continues to observe an increase in the speed with which malicious actors have researched and then pivoted to exploit publicly released vulnerabilities.
ASD remain focused on emerging cyberthreats, including those to critical infrastructure and technologies, families and businesses.

ASD provides cybersecurity advice and services to government, critical infrastructure, industry and the Australian public. Our cybersecurity advice is published on our cybersecurity website, cyber.gov.au.

Our key cybersecurity services that we offer include:

  • the Australian Cybersecurity Hotline, which is contactable 24 hours a day, 7 days a week, via 1300 CYBER1 (1300 292 371)
  • publishing Alerts, technical advice, Advisories and notifications on significant and emerging cybersecurity threats
  • cyberthreat monitoring and intelligence sharing with our partners in Australia and overseas to counter cybersecurity threats
  • ASD cybersecurity partnership program that supports information sharing and onboarding to ASD cybersecurity services between Australian organisations
  • exercises and uplift activities to enhance the cybersecurity resilience of Australian organisations.

ASD's key cybersecurity guidance and programs

ASD delivers partnerships, programs and technical capability that strengthen national cybersecurity or resilience.

Information Security Manual

The Australian Signals Directorate produces the Information Security Manual (ISM). The purpose of the ISM is to outline a cybersecurity framework that an organisation can apply, using their risk management framework, to protect their systems and data from cyberthreats. The ISM is intended for Chief Information Security Officers, Chief Information Officers, cybersecurity professionals and information technology managers.

Essential Eight mitigation strategies

The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies, in the form of the Strategies to Mitigate Cybersecurity Incidents, to help organisations protect themselves against various cyberthreats. The most effective of these mitigation strategies are the Essential Eight.

The Essential Eight has been designed to protect organisations’ internet-connected information technology networks. While the principles behind the Essential Eight may be applied to enterprise mobility and operational technology networks, it was not designed for such purposes and alternative mitigation strategies may be more appropriate to defend against unique cyberthreats to these environments.

Strategies to mitigate cybersecurity incidents

The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help organisations mitigate cybersecurity incidents caused by various cyberthreats. This guidance addresses targeted cyber intrusions (i.e. those executed by advanced persistent threats such as foreign intelligence services), ransomware and external adversaries with destructive intent, malicious insiders, ‘business email compromise’, and industrial control systems.

Report a cybercrime, incident or vulnerability

If you have been a victim of a cybercrime, cyber incident or cyber vulnerability you can report it at cyber.gov.au/report

ASD’s Cybersecurity Partnership Program

The ASD's Cybersecurity Partnership Program enables Australian organisations and individuals to engage with ASD's ACSC and fellow partners, drawing on collective understanding, experience, skills and capability to lift cyber resilience across the Australian economy.

Information Security Registered Assessors Program (IRAP)

The Infosec Registered Assessors Program (IRAP) ensures entities can access high-quality security assessment services

Critical Infrastructure Uplift Program

The Critical Infrastructure Uplift Program (CI-UP) offers a range of scaled and tailored services. It assists critical infrastructure Partners to improve their resilience against sophisticated cyberattacks.

National Exercise Program

Our National Exercise Program helps critical infrastructure and government organisations validate and strength Australia's nationwide cybersecurity arrangements.

The cybersecurity threat

The internet is a critical part of our business and social lives. Electronic systems and digital information are essential for business and families, with most Australians using the web to bank, pay bills, buy and sell goods and services, and stay connected.

While this digital age presents enormous opportunity, connectivity also brings exposure to malicious cyber activity. We provide advice and assistance to all Australians to help make Australia the safest place to connect online.

Acknowledgement of Country icon

Acknowledgement of Country

We acknowledge the Traditional Owners and Custodians of Country throughout Australia and their continuing connections to land, sea and communities. We pay our respects to them, their cultures and their Elders; past, present and emerging. We also recognise Australia's First Peoples' enduring contribution to Australia's national security.

Authorised by the Australian Government, Canberra