ACSC programs and advice are being migrated to (see sidebar)


ACSC publications:

ACSC agencies' key documents:

Information security references

Strategies to Mitigate Cyber Security Incidents

  • Mitigation strategies
  • Essential Eight explained
  • Essential Eight maturity model
  • Essential Eight ISM mapping
  • Implementation guides

Australian Government Information Security Manual

  • Cyber security framework and guidelines
  • Supporting material
  • Changes document

Evaluated Products List and emanation security

Cloud computing and BYOD

Title Audience Published
Catch, Patch, Match educational video Everyone 15/01/2014
CyberSense educational video Everyone 13/05/2010
Detecting Socially-Engineered Messages Everyone 04/01/2019
Security Tips for Personal Devices Everyone 03/01/2019
Security Tips for Social Media Everyone 03/01/2019
Travelling Overseas with Electronic Devices (User Guidance) Everyone 04/01/2019
Using Consumer-Grade Email Services Everyone 04/01/2019
Essential Eight Explained Senior managers 04/01/2019
What Executives Should Know About Cyber Security Senior managers 04/01/2019
An Examination of the Redaction Functionality of Adobe Acrobat Pro DC 2017 Security practitioners 09/01/2019
Apple iOS Hardening Configuration Guide for iPod Touch, iPhones and iPads running iOS version 9 or higher Security practitioners 01/09/2016
Assessing Security Vulnerabilities and Applying Patches Security practitioners 04/01/2019
Cyber Security for Contractors Security practitioners 04/01/2019
Data Spill Management Guide Security practitioners 04/01/2019
Domain Name System Security Security practitioners 04/01/2019
Drive-by Downloads Security practitioners 03/01/2019
Essential Eight in Linux Environments Security practitioners 04/01/2019
Essential Eight Maturity Model UPDATED Security practitioners 25/02/2019
Essential Eight to ISM Mapping UPDATED Security practitioners 14/03/2019
Hardening Microsoft Office 365 ProPlus, Office 2019 and Office 2016 Security practitioners 04/01/2019
Hardening Microsoft Office 2013 Security practitioners 04/01/2019
Hardening Microsoft Windows 7 SP1 Workstations Security practitioners 09/01/2019
Hardening Microsoft Windows 8.1 Update Workstations Security practitioners 09/01/2019
Hardening Microsoft Windows 10, version 1709, Workstations Security practitioners 09/01/2019
Implementing Application Whitelisting Security practitioners 03/01/2019
Implementing Multi-Factor Authentication Security practitioners 03/01/2019
Implementing Network Segmentation and Segregation Security practitioners 03/01/2019
Introduction to Cross Domain Solutions Security practitioners 04/01/2019
Malicious Email Mitigation Strategies Security practitioners 14/01/2019
Microsoft Office Macro Security Security practitioners 04/01/2019
Minimising the Threat from Java-based Intrusions Security practitioners 12/07/2018
Mitigating Spoofed Emails Using Sender Policy Framework Security practitioners 04/01/2019
Mitigating the Use of Stolen Credentials Security practitioners 04/01/2019
Preparing for and Responding to Cyber Security Incidents Security practitioners 03/01/2019
Preparing for and Responding to Denial-of-Service Attacks Security practitioners 04/01/2019
Protecting Web Applications and Users Security practitioners 04/01/2019
Questions to ask Managed Service Providers Security practitioners 14/01/2019
Restricting Administrative Privileges Security practitioners 04/01/2019
Secure Administration Security practitioners 04/01/2019
Securing Content Management Systems Security practitioners 04/01/2019
Securing PowerShell in the Enterprise Security practitioners 06/03/2019
Windows Event Logging and Forwarding Security practitioners 14/01/2019
Travelling Overseas with Electronic Devices (Technical Guidance) Security practitioners 04/01/2019
Using Remote Desktop Clients Security practitioners 04/01/2019
Using Virtual Private Networks Security practitioners 04/01/2019

In August 2018 ACSC launched a new website,, to reflect its new organisation.

Cyber security programs and advice are being migrated to Information and advice on this site remains current.

Reports help the ACSC to develop a better understanding of the threat environment and will assist other organisations who are also at risk.

Cyber security incident reports are also used in aggregate for developing new defensive policies, procedures, techniques and training measures to help prevent future incidents.

Information for Australian businesses
Information for individual Australian citizens
Information for Federal, State and Local government agencies