ACSC programs and advice are being migrated to (see sidebar)

Catch, Patch, Match video

Download (right-click > Save As) MP4 (50 MB) or OGV (43 MB)

Read transcript

Catch, Patch, Match video transcript

  1. The Information Age has changed the way you work…
  2. …the way you play.
  3. It touches almost every aspect of daily life…
  4. …and you're able to take advantage of all that it offers.
  5. But there are others who want to take advantage as well…
  6. …of the way you work
  7. …the way you access information
  8. …and the way you share it.
  9. They want to know about you…
  10. …your information
  11. …your organisation.
  12. They're part of a rapidly growing challenge to Australia's national security…
  13. …its economic prosperity
  14. …and social well-being.
  15. The cyber threat has now reached an unprecedented level.
  16. Government and industry are being threatened on a daily basis…
  17. …and the effects can be catastrophic.
  18. So who's after your information?
  19. There's the hackers who work alone…
  20. …seeing what they can get away with.
  21. Then there are hacktivists…
  22. …their activities are usually a form of protest.
  23. Criminal syndicates want to steal information…
  24. …they're looking to make money, serious money.
  25. Spies and state-based hackers pose the greatest threat to your information…
  26. …they are the most sophisticated and capable.
  27. They want information about Australia…
  28. …its policies
  29. …its industries
  30. …its intellectual property
  31. …and its defences.
  32. And they want to know what you're working on.
  33. So how are they getting in?
  34. A lot of the time you're showing hackers in through the front door.
  35. When you sacrifice security for speed.
  36. When you ignore policy - just to get the job done.
  37. It can be a USB stick used as a quick workaround…
  38. …or the random email opened without thinking.
  39. You may not be aware of it…
  40. …but your behaviour can make life easier for intruders.
  41. So how do you stop them getting in?
  42. The first step is to realise the value of your information…
  43. …and the consequences of it falling into the wrong hands.
  44. You can help make your organisation more resilient.
  45. That's where we come in - the Australian Signals Directorate.
  46. We're the Commonwealth authority on cyber security…
  47. …here to help you keep your information safe.
  48. We've developed strategies to mitigate cyber intrusions.
  49. Like all good strategies, the best ones are simple and effective.
  50. Your organisation needs to Catch, Patch and Match.
  51. Put it into practice.
  52. Catch malicious software with a white-list.
  53. This ensures only the software that's been approved can run.
  54. Everything else is blocked.
  55. Patch all your applications with updates - your operating system too.
  56. Ask your IT team.
  57. Do it now, intruders can take advantage of vulnerabilities in software.
  58. Match the right people with the right access.
  59. Only a few people need administration privileges.
  60. These privileges, in an intruder's hands, can spell disaster.
  61. If you Catch, Patch and Match, you can prevent at least 85% of the intrusion techniques ASD responds to.
  62. The threat is very real but there is something we can do.
  63. You can be part of the protection.
  64. Everyone has a part to play.
  65. Catch. Patch. Match.
  66. URL:


HD version hosted on YouTube

Catch, Patch, Match brochureCatch, Patch, Match (PDF) was launched in October 2012 to complement the updated Strategies to Mitigate Targeted Cyber Intrusions. It was updated in 2014 to reflect our new name and latest mitigation advice.


In August 2018 ACSC launched a new website,, to reflect its new organisation.

Cyber security programs and advice are being migrated to Information and advice on this site remains current.

Reports help the ACSC to develop a better understanding of the threat environment and will assist other organisations who are also at risk.

Cyber security incident reports are also used in aggregate for developing new defensive policies, procedures, techniques and training measures to help prevent future incidents.

Information for Australian businesses
Information for individual Australian citizens
Information for Federal, State and Local government agencies