Stumbled across the acronym ACSC in your cybersecurity travels? Faced with so many different buzzwords and acronyms in the field, the words all seem to blur after a while. But not to worry! We’re here to fill you in on all the details about the Aus government’s Australian Cyber Security Department – and how it can help your business.
What is the ACSC?
Created in 2014, the Australian Cyber Security Centre is a public-facing service within the Australian government’s Australian Signals Directorate branch. The ACSC itself is designed to be the foremost authority on cybersecurity for Australia, its citizens and residents, business, government, and academic organisations, and international partners.
The ACSC helps Australians and our international partners become more cyber resilient through advice, alerts, technical guidelines, and national initiatives. It’s your government agency go-to for all things cybersecurity.
So, what is the ASD?
While many Aussies know of ASIO (although may not know that it stands for the Australian Security Intelligence Organisation), most have never heard of the ASD. In fact, many of the activities you thought ASIO might do are actually a function of the Australian Signals Directorate.
The Australian Signals Directorate is a public service under the Australian government’s Department of Defence. The ASD takes care of tasks like foreign signals intelligence, offensive cyber activities on behalf of Australia, and fighting cyber crime. The ACSC shares many of the lessons learned from the ASD’s secret activities to help Aussies be more cyber secure within their own systems.
How does the ACSC help Australians?
General ACSC functions
24×7 cybersecurity hotline
For questions or issues to do with cybersecurity, the ACSC offers a 24×7 hotline: 1300 CYBER1 (1300 292 371).
Advice on cyber threats and protecting yourself against them
ACSC advice covers information on all the different types of common threat types, along with key security areas like passphrases, MFA, device security, and network security basics.
Cyber threat reporting and recovery processes
The ACSC is the best place to report a cyber incident and receive guidance on how to recover from events like data breaches, malware, phishing, account compromise, and hacking.
Publishing important cybersecurity alerts
These alerts are provided to inform of critical, high, medium, and low vulnerabilities in popular software, for instance the following recent alerts:
- Multiple vulnerabilities in Jenkins products
- Serious vulnerabilities in Atlassian products including Confluence, Jira, and Bitbucket
Publishing important advisory notes
These advisory notes keep the public up-to-date on recent cybersecurity news that may impact them, for instance the following recent advisory notes:
- Russian FSB cyber actor Star Blizzard continues worldwide spear-phishing campaigns
- #StopRansomware: Play Ransomware
Guidance on specific topics
The ACSC also provides more comprehensive deep dives and associated guidance on hot topics and tech trends such as the most recent publication, Engaging with AI. Engaging with AI covers topics and case studies in areas including prompt injection attacks and model stealing attacks, and provides mitigation advice.
ACSC functions for businesses
The Essential Eight
The Essential Eight (E8) is a standardised set of security guidelines and an associated maturity model to help protect organisations from the most common cyber threats. The E8 is mandated in federal government departments and is becoming increasingly popular for organisations of all sizes.
The Information Security Manual
The Information Security Manual (ISM) provides a cybersecurity framework that leverages an organisation’s existing risk management framework to provide a comprehensive, documented, way to protect systems and data.
Other actionable exercises, frameworks and resources
The ACSC provides action-oriented advice in the form of Exercise in a Box, the Cyber Skills Framework, Cloud Assessment and Authorisation, Implementing MFA, and more.
Implement the ACSC’s recommendations
Not sure where to start with the ACSC’s recommendations or have hit a bump in the road? We provide expert consulting and assistance in helping organisations roll out solutions that cover the ACSC’s guidance, including the Essential Eight and other action items. Make the call and get in contact with us today.