State of Cybersecurity 2020
By Maria Armstrong
More than ever, companies are accepting that digital business is the way of the future.
Regardless of the industry, offering or customer base, digital tactics are needed to survive in a
dynamic and unpredictable environment. With this in mind, cybersecurity moves from a piece of
IT operations into an overarching business concern. From formal policies to specialized teams,
organizations are adopting the practices that will secure their new digital efforts, ultimately
moving towards a new framework that defines a modern mindset. This report examines the
state of cybersecurity as the world fully embraces digital transformation.
-
Australian Government Information Security Manual: October 2020 Changes
By Maria Armstrong
Using the Australian Government Information Security Manual
Guidelines for Cyber Security Roles
Guidelines for Cyber Security Incidents
Guidelines for System Hardening
-
Australian Government Information Security Manual: November 2020 Changes
By Maria Armstrong
Guidelines for Cyber Security Incidents
Guidelines for Enterprise Mobility
Guidelines for System Hardening
Guidelines for System Management
Guidelines for Networking
-
Australian Government Information Security Manual: February 2021 Changes
By Maria Armstrong
Guidelines for Outsourcing
Information technology and cloud services
Further information
The content was modified to include a reference to the ACSC’s new Identifying Cyber Supply Chain Risks publication.
Further information on cyber supply chain risk management can be found in the ACSC’s Cyber Supply Chain Risk Management publication at https://www.cyber.gov.au/acsc/view-all-content/publications/cyber-supply-chain-risk-management and the Identifying Cyber Supply Chain Risks publication at https://www.cyber.gov.au/acsc/view-all-content/publications/identifying-cyber-supply-chain-risks.
Guidelines for Networking
Network design and configuration
Further information
The content was modified to include a reference to the ACSC’s two new publications on Domain Name Systems.
Further information on Domain Name Systems can be found in the ACSC’s Domain Name System Security for Domain Owners publication at https://www.cyber.gov.au/acsc/view-all-content/publications/domain-name-system-security-domain-owners and the Domain Name System Security for Domain Resolvers publication at https://www.cyber.gov.au/acsc/view-all-content/publications/domain-name-system-security-domain-resolvers.
Please note: There is no requirement for organisations to be compliant with every monthly update to the Australian Government Information Security Manual (ISM). Instead, organisations are encouraged to review the security risks for their systems (using the latest version of the ISM available at the time) based on a frequency suitable for their business requirements and in accordance with their corporate risk management framework. Further information on applying the ISM can be found in the Using the Australian Government Information Security Manual chapter.
-
Australian Government Information Security Manual: April 2021 Changes
By Maria Armstrong
Applying monthly ISM updates
Please note: There is no requirement for organisations to immediately implement monthly updates to the Australian Government Information Security Manual (ISM). Instead, organisations are encouraged to review the security risks for their systems (using the latest version of the ISM available at the time) based on a frequency suitable for their business requirements and in accordance with their corporate risk management framework. For example, every month, every three months (quarterly), every six months (semi-annually) or every year (annually).
-
Creating a Cyber Ready Culture in Your Remote Workforce: FIVE TIPS
By Maria Armstrong
In response to the COVID-19 pandemic, many small and mid-sized enterprises (SMEs)
around the world have closed their offices and told people to work from home.
Many organizations and their employees were not prepared for this sudden shift to
remote work, nor are they prepared for the possibility that remote work will become
far more common in the future.
-
Categorizing Data Breach Severity with a Breach Level Index
By Maria Armstrong
Data breaches have become a common occurrence, and the reality of the problem is much worse than current perceptions, because the general population is only aware of publicly disclosed breaches. It is not aware of the multitudes of breaches that either are not under any disclosure mandate, or breaches that have not yet been detected. The latter category is a very large number, since most research shows that it can take months or even years before an organization detects a breach.
-
Australian Emanation Security Program (ESP)
By Maria Armstrong
Australian Communications-Electronic Security Instruction, ACSI-77 (B) is an Unclassified, Non-Registered publication issued under the authority of the Director, Defence Signals Directorate (DSD). It is effective from the date of issue.
The Australian Emanation Security Program sets out the requirements for government and industry agencies to be formally recognised by the National Authority, DSD as attaining the necessary qualifications to conduct Emanation Security (EMSEC) practices to National TEMPEST Standards.
-
Data Protection Basics for Remote Workers
By Maria Armstrong
In response to COVID-19, there was a rapid shift to remote work. Now, as the pandemic enters a new
phase, we are seeing another shift to a hybrid work environment, in which some employees will be
working from home, some from the office, and some from both home and office. This new reality will
likely last through the year, at least, raising new challenges in protecting data.
Protecting your organization’s data is important to the security and sustainability of your organization and you,
as an employee, play a critical role in this protection. If each person is conscientious, the organization can build
a culture of cyber readiness that spans from the home to the office.
For many remote workers, the data you will be accessing are documents (word processing, spreadsheets,
or presentations), files (accounting), or databases (customer management or order tracking). Your company’s most
critical asset is data and strong cybersecurity protects your data. To adhere to basic rules for data protection,
you will likely need to change certain aspects of your behavior.
To start, always be aware of what device (e.g. phone, laptop) you are using (company or personal), how you connect
to the Internet (e.g. home WiFi, café, library) and your company’s network (e.g. do you use a VPN or not),
and how you access, work on, transfer, and store data (e.g. email, apps, etc.).
-
Ransomware Playbook
By Maria Armstrong
How to prepare for, respond to, and recover from a ransomware attack
To Pay or Not to Pay? This question is often the first one many organizations consider
after they are hit with a ransomware attack.
Unfortunately, the choice is not simple. Many organizations simply don’t know how to
protect against ransomware. This guide is intended to provide a roadmap for organizations
(e.g., small and medium-sized businesses, state and local governments) to secure
themselves against this growing threat.
-
Making Your Remote Workforce Cyber Ready
By Maria Armstrong
Although technology enables people to work remotely, it also opens the door to new cybersecurity and data
protection risks.
Now more than ever, every organization needs to have a designated Cyber Readiness Leader – someone who
will guide your workforce. To learn more about our free Cyber Readiness Program and the role of the Cyber
Leader, please check out our website (www.cyberreadinessinstitute.org).
-
Keeping Educators and Students Safe
By Maria Armstrong
Our nation’s educators and students are in uncharted territory as remote learning becomes the norm for school
systems across the country. Remote learning brings tremendous opportunities that we could not have imagined
30-40 years ago.
For teachers, it means that their mission can continue. For students (and parents), it means the classroom has
no boundaries and an adjusted sense of normalcy can exist in these uncertain times.
We are fortunate that today’s advanced technologies will enable teachers and students to continue to work
together. It also means we need to take precautions to ensure that we are all protected.
There are some easy steps that teachers can take to protect their online safety and security and that
of their students.
-
Top Three Dos & Don’ts for Remote Workers
By Maria Armstrong
Cyber criminals are using the COVID-19 pandemic to take advantage of remote workers by
stealing their personal and professional information. To protect yourself in this growing threat
environment and new security reality, outlined below are simple dos and don’ts to be more cyber ready.
Since the start of the pandemic, everybody has learned to take three simple actions to stay healthy.
Wash your hands for 20 seconds. Don’t touch your face. Stay six feet apart. Sure, it took some behavioral
change, but you’re probably used to it after a few weeks. You need to take the same “can-do” attitude
in changing simple behaviors regarding how you use your computer, tablet and smartphone.
Cybersecurity takes a collaborative community effort, similar to what is required to fight the coronavirus.
So, please share this guide with your co-workers, family and friends.
-
Australian Government Information Security Manual
By Maria Armstrong
Guidelines for communications infrastructure
-
OAIC Notifiable Data Breaches Report July to December 2020
By Maria Armstrong
About this report
The Office of the Australian Information Commissioner (OAIC) periodically publishes statistical information about notifications received under the Notifiable Data Breaches (NDB) scheme to assist entities and the public to understand the operation of the scheme. This report captures notifications made under the NDB scheme for the period from 1 July to 31 December 2020.
Where data breaches affect multiple entities, the OAIC may receive multiple notifications relating to the same breach. Notifications relating to the same incident are counted as a single notification in this report.
The source of any given breach is based on information provided by the reporting entity. Where more than one source has been identified or is possible, the dominant or most likely source has been selected. Source of breach categories are defined in the glossary at the end of this report.
As with previous reports, notifications made under the My Health Records Act 2012 are not included as they are subject to specific notification requirements set out in that Act.
NDB scheme statistics in this report are current as of 8 January 2021. However, a number of notifications included in these statistics are still under assessment and their status and categorisation are subject to change. This may affect statistics for the period July to December 2020 that are published in future reports. Similarly, there may have been adjustments to statistics in previous NDB reports because of changes to the status or categorisation of individual notifications after publication. As a result, references to statistics from before July 2020 in this report may differ from references in earlier published reports.
-
Adopting Encrypted DNS in Enterprise Environments
By Maria Armstrong
Executive summary
Use of the Internet relies on translating domain names (like “nsa.gov”) to Internet Protocol addresses. This is the job of the Domain Name System (DNS). In the past, DNS lookups were generally unencrypted, since they have to be handled by the network to direct traffic to the right locations. DNS over Hypertext Transfer Protocol over Transport Layer Security (HTTPS), often referred to as DNS over HTTPS (DoH), encrypts DNS requests by using HTTPS to provide privacy, integrity, and “last mile” source authentication with a client’s DNS resolver. It is useful to prevent eavesdropping and manipulation of DNS traffic. While DoH can help protect the privacy of DNS requests and the integrity of responses, enterprises that use DoH will lose some of the control needed to govern DNS usage within their networks unless they allow only their chosen DoH resolver to be used. Enterprise DNS controls can prevent numerous threat techniques used by cyber threat actors for initial access, command and control, and exfiltration.
Using DoH with external resolvers can be good for home or mobile users and networks that do not use DNS security controls. For enterprise networks, however, NSA recommends using only designated enterprise DNS resolvers in order to properly leverage essential enterprise cybersecurity defenses, facilitate access to local network resources, and protect internal network information. The enterprise DNS resolver may be either an enterprise-operated DNS server or an externally hosted service. Either way, the enterprise resolver should support encrypted DNS requests, such as DoH, for local privacy and integrity protections, but all other encrypted DNS resolvers should be disabled and blocked. However, if the enterprise DNS resolver does not support DoH, the enterprise DNS resolver should still be used and all encrypted DNS should be disabled and blocked until encrypted DNS capabilities can be fully integrated into the enterprise DNS infrastructure.
This guidance explains the purpose behind the DoH design and the importance of configuring enterprise networks appropriately to add benefits to, but not hinder, their DNS security controls. The following recommendations will assist enterprise network owners and administrators to balance DNS privacy and governance.
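The governance model the summary describes, allow encrypted DNS only to the designated enterprise resolver and block every other resolver, as an added example that is not part of the NSA guidance: a small Python policy check run over connection records (destination IP, destination port and TLS server name, the fields a proxy or flow log exports). It allows plain DNS, DoT (port 853) and DoH (port 443) only to the enterprise resolver and flags the same protocols to anyone else, and it models the resolver-side answer to Firefox's canary name. The resolver address 192.0.2.53, the server name dns.corp.example and the sample records are assumptions; the public resolver names are an illustrative subset only.

```python
"""Enterprise encrypted-DNS policy check over connection records.

Added example, not part of the NSA guidance or any vendor product.
Assumptions (placeholders, not real infrastructure): the enterprise
resolver lives at 192.0.2.53 (RFC 5737 TEST-NET) and its DoH endpoint
is reached under the TLS server name dns.corp.example. The public
resolver names are real services but are listed only to show the
blocklist shape; a production list is curated and far longer.
"""
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

ENTERPRISE_RESOLVERS = [ip_network("192.0.2.53/32")]   # assumed
ENTERPRISE_DOH_NAMES = {"dns.corp.example"}            # assumed SNI

# Illustrative subset of well-known public DoH/DoT endpoints.
KNOWN_PUBLIC_DNS_NAMES = {"dns.google", "cloudflare-dns.com", "dns.quad9.net"}

# Firefox queries this name before enabling DoH by default; an NXDOMAIN
# answer from the enterprise resolver tells it to stay on system DNS.
FIREFOX_CANARY = "use-application-dns.net"


@dataclass(frozen=True)
class Conn:
    dst_ip: str
    dst_port: int
    sni: Optional[str] = None   # TLS server name, when the flow is TLS


def is_enterprise_resolver(ip: str) -> bool:
    addr = ip_address(ip)
    return any(addr in net for net in ENTERPRISE_RESOLVERS)


def classify(conn: Conn) -> str:
    """Map one connection record to an allow/block verdict."""
    ent = is_enterprise_resolver(conn.dst_ip)
    if conn.dst_port == 53:
        return "allow:plain-dns" if ent else "block:plain-dns-external"
    if conn.dst_port == 853:                      # DNS over TLS
        return "allow:dot-enterprise" if ent else "block:dot-external"
    if conn.dst_port == 443:                      # DoH hides among web traffic
        if ent or conn.sni in ENTERPRISE_DOH_NAMES:
            return "allow:doh-enterprise"
        if conn.sni in KNOWN_PUBLIC_DNS_NAMES:
            return "block:doh-external"
    return "allow:not-dns"


def canary_answer(qname: str) -> str:
    """What the enterprise resolver should return for a query name.

    Only the canary case is modelled; everything else resolves normally.
    """
    if qname.rstrip(".").lower() == FIREFOX_CANARY:
        return "NXDOMAIN"
    return "RESOLVE"


def summarize(conns):
    """Count verdicts so a reviewer sees how much DNS is escaping policy."""
    return Counter(classify(c) for c in conns)


# Constructed sample records (not captured traffic).
SAMPLE_CONNS = [
    Conn("192.0.2.53", 53),
    Conn("192.0.2.53", 443, "dns.corp.example"),
    Conn("198.51.100.10", 53),
    Conn("198.51.100.11", 853),
    Conn("198.51.100.12", 443, "dns.google"),
    Conn("198.51.100.13", 443, "www.example.com"),
]

if __name__ == "__main__":
    for c in SAMPLE_CONNS:
        print(f"{c.dst_ip}:{c.dst_port} sni={c.sni!s:20} -> {classify(c)}")
    print(dict(summarize(SAMPLE_CONNS)))
```

Matching on the TLS server name is a heuristic: a DoH resolver reached by bare IP, or behind Encrypted Client Hello, shows no useful name, so this check has to be paired with resolver-IP blocklists at the egress and with pushing the enterprise resolver to clients (DHCP, group policy, browser policy) so they never try elsewhere. The canary function is the resolver-side half of that: it keeps Firefox's automatic DoH rollout from bypassing the enterprise resolver.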
-
PRIVACY AND DATA PROTECTION CHECKLIST
By Maria Armstrong
LexisNexis® Regulatory Compliance
LexisNexis Regulatory Compliance is a legal obligations register and alerting solution that combines regulatory content with technology to
empower you to take control of your compliance obligations.
-
Locked Out: Tackling Australia’s ransomware threat
By Maria Armstrong
As our world becomes more interconnected, the threats related to cyber security continue to increase.
This was recognised by the Australian Government through the development and launch, in conjunction
with its Industry Advisory Panel, of Australia’s Cyber Security Strategy 2020 last year.
Significant initiatives since then have included the consultation and subsequent introduction into
Parliament of legislation to boost the cyber defences of Australia’s critical infrastructure and systems of national
significance.
The Strategy’s initiatives have preempted the malicious cyber activity that continued to grow pre-COVID and
has accelerated as COVID-related restrictions forced many to work and study from home and more activities
have become virtual.
Against this background ransomware has become one of the most immediate, highest impact cyber threats to
Australia.
-
CompTIA IT Security Community Data Breach Response Planning Guide
By Maria Armstrong
INTRODUCTION
The same things that make you valuable to your client as a managed service provider make you a target
for a security breach. Your expertise in storing, accessing and maintaining sensitive information draws the
attention of cybercriminals. Your connections to multiple platforms, vendors and clients are enticing for
bad actors looking for one-stop shops for their own black market supplies: credit card information, social
security numbers, personal information, internal contacts and other sensitive information.
Unfortunately, far too many managed service providers have found themselves to be not only enticing
victims, but also fruitful targets. Be it a lack of preparedness, human error or technical insufficiencies,
information technology companies have struggled to meet the data security challenges we now face.
CompTIA’s IT Security Community has created this tool to help guide you as you prepare a data breach
response plan. The tips you’ll find here range from the big picture (preplanning and testing) to the details
(keeping related notes of an incident separate from day-to-day business), but are all designed to take
fear of the unknown out of the equation. Even if you already have robust data security policies and a
clearly defined data breach response plan, you may find a new idea or recommendation to further
improve your posture. By sharing this planning guide with team members, you reinforce the idea that
data security is not a passive, one-and-done activity. It’s every day. It’s a mindset. It must become
embedded into your culture.
Luckily, there are some proven methods of training, planning and activating the proper support teams
that will help you prevent what you can and respond appropriately to limit the impact of a security
breach. This guide follows the structure of the National Institute of Standards and Technology’s (NIST)
Cybersecurity Framework (CSF) and highlights where in the CSF you can find more information. Please
note that the NIST CSF is a framework, not a standard. The recommendations and concepts within the
framework can be applied globally to any compliance standard or alternate security framework with
which you may already be familiar. Of course, your plan should cover more than is shared here. Use this
planning guide to get you started, highlight areas you may have missed and help you through them.
-
Center for Internet Security - Controls Version 8
By Maria Armstrong
The CIS Controls® started as a simple grassroots activity to identify the most common
and important real-world cyber-attacks that affect enterprises every day, translate that
knowledge and experience into positive, constructive action for defenders, and then
share that information with a wider audience. The original goals were modest—to help
people and enterprises focus their attention and get started on the most important
steps to defend themselves from the attacks that really mattered.
Led by the Center for Internet Security® (CIS®), the CIS Controls have matured into an
international community of volunteer individuals and institutions that:
• Share insights into attacks and attackers, identify root causes, and translate that
into classes of defensive action
• Create and share tools, working aids, and stories of adoption and problem-solving
• Map the CIS Controls to regulatory and compliance frameworks in order to ensure
alignment and bring collective priority and focus to them
• Identify common problems and barriers (like initial assessment and implementation
roadmaps), and solve them as a community
The CIS Controls reflect the combined knowledge of experts from every part of the
ecosystem (companies, governments, individuals), with every role (threat responders
and analysts, technologists, information technology (IT) operators and defenders,
vulnerability-finders, tool makers, solution providers, users, policy-makers, auditors,
etc.), and across many sectors (government, power, defense, finance, transportation,
academia, consulting, security, IT, etc.), who have banded together to create, adopt, and
support the CIS Controls.
-
AUSTRALIA’S CYBER SECURITY STRATEGY 2020
By Maria Armstrong
Ensuring Australians are secure online is a shared responsibility – everyone has a role to play.
This Strategy sets out our plan to protect Australians online.
The world has never been more interconnected; our reliance on the internet for our prosperity and
way of life never greater. Australia’s response to the COVID-19 pandemic has shown the importance
of secure online connectivity. It has also shown Australians’ resilience and resolve to work together for
a common goal. That same whole-of-nation partnership between government, businesses and the
community must also be applied to ensuring Australia is cyber secure.
-
Ransomware in Australia (October 2020)
By Maria Armstrong
The Australian Signals Directorate’s (ASD) Australian Cyber Security Centre (ACSC) has observed an increase in the number of ransomware incidents affecting Australian organisations and individuals.
This information on risks, impacts and preventative actions associated with ransomware incidents is intended to inform Australian small to medium businesses, industry organisations and Commonwealth entities. The preventative measures outlined below can also be applied to Australian individuals seeking to protect themselves against ransomware incidents.
-
Managed Service Provider Better Practice Principles
By Maria Armstrong
This document specifies the Australian Cyber Security Centre (ACSC) better practice principles for Managed Service Providers (MSPs). MSPs commit to these principles as a requirement of joining the ACSC Managed Service Provider Partner Program (MSP3).
-
ACSC Annual Cyber Threat Report July 2019 to June 2020
By Maria Armstrong
This report outlines key cyber threats and statistics over the period 1 July 2019 to 30 June 2020. Over this period, the ACSC responded to 2,266 cyber security incidents and received 59,806 cybercrime reports at an average of 164 cybercrime reports per day, or one report every 10 minutes.