Publications

Information security references

Strategies to Mitigate Cyber Security Incidents

  • Mitigation strategies
  • Essential eight explained
  • Essential eight maturity model
  • Implementation guides
  • Mandatory Top 4 requirement explained

Australian Government Information Security Manual

  • Executive Companion
  • Principles
  • Controls UPDATED November 2017

Evaluated Products List and emanation security

Cloud computing and BYOD

Search ASD website

Title Audience Published
Catch, Patch, Match educational video Everyone 15/01/2014
CyberSense educational video Everyone 13/05/2010
Detecting Socially-Engineered Messages Everyone 29/01/2018
High Profile and International Events Cyber Security Advice Everyone 12/11/2015
Security and Safety Tips for Social Media Everyone 29/01/2018
Top Security Tips for Personal Device Use Everyone 24/03/2017
Travelling Overseas with an Electronic Device Everyone 06/02/2017
Using Consumer-Grade Email Services Everyone 19/01/2018
Essential Eight Explained UPDATED Senior managers 20/03/2018
What Executives Should Know About Cyber Security NEW Senior managers 24/04/2018
Additional Security Considerations and Controls for Virtual Private Networks (VPNs) Security practitioners 12/04/2013
An Examination of the Redaction Functionality in Adobe Acrobat Pro (PDF) Security practitioners 12/11/2011
Antivirus Software using Reputation Rating Checking Security practitioners 29/01/2018
Apple iOS Hardening Configuration Guide for iPod Touch, iPhones and iPads running iOS version 9 or higher Security practitioners 01/09/2016
Assessing Security Vulnerabilities and Applying Patches Security practitioners 18/01/2018
Cyber Security for Contractors UPDATED Security practitioners 20/03/2018
Cyber Security Incident Reporting Security practitioners 18/01/2018
Cyber Security Incidents: Are You Ready? Security practitioners 20/03/2014
Data Spill Management Guide Security practitioners 20/08/2012
Data Spill Sanitisation Guide Security practitioners 20/08/2012
DNS Security Security practitioners 20/08/2012
Drive-by Downloads Security practitioners 20/12/2012
Essential Eight in Linux Environments NEW Security practitioners 20/03/2018
Essential Eight Maturity Model UPDATED Security practitioners 11/04/2018
Hardening Microsoft Office 2013 UPDATED Security practitioners 03/04/2018
Hardening Microsoft Office 2016 UPDATED Security practitioners 03/04/2018
Hardening Microsoft Windows 7 SP1 Workstations Security practitioners 18/12/2017
Hardening Microsoft Windows 8.1 Update Workstations Security practitioners 18/12/2017
Hardening Microsoft Windows 10 Workstations Security practitioners 18/01/2018
Implementing Application Whitelisting Security practitioners 18/01/2018
Introduction to Cross Domain Solutions (CDS) Security practitioners 18/01/2018
Malicious Email Mitigation Strategies Security practitioners 01/08/2016
Microsoft Office Macro Security Security practitioners 15/12/2016
Minimising the Threat from Java-based Intrusions Security practitioners 24/06/2014
Mitigating Spoofed Emails – Sender Policy Framework (SPF) Explained Security practitioners 20/12/2012
Mitigating the Use of Stolen Credentials to Access Agency Information Security practitioners 20/08/2012
Multi-factor Authentication Security practitioners 22/09/2017
Network Segmentation and Segregation Security practitioners 04/09/2012
Passphrase Requirements Security practitioners 02/11/2017
Preparing for and Responding to Cyber Security Incidents Security practitioners 13/09/2012
Preparing for and Responding to Denial of Service Activities Security practitioners 24/10/2014
Protecting Web Applications and Users – Technical guidance for improving web application security through implementing web browser-based mitigations Security practitioners 28/02/2012
Questions to ask Managed Service Providers UPDATED Security practitioners 20/03/2018
Restricting Administrative Privileges Security practitioners 18/01/2018
Secure Administration Security practitioners 29/09/2015
Securing Content Management Systems (CMS) Security practitioners 29/07/2015
Securing PowerShell in the Enterprise Security practitioners 15/03/2016
Technical Guidance for Windows Event Logging Security practitioners 31/07/2017
Travelling Overseas with an Electronic Device – Technical Advice Security practitioners 20/12/2012
Using Remote Desktop Clients Security practitioners 14/12/2011

Publications archive: past advice generally relating to old software, technology or events.