This is the second Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) Threat Report. It continues to reflect on the experience, focus, and mandates of the ASD's ACSC’s member organisations. The report provides an insight into what the Centre has been seeing, learning, and responding to, focusing on specific areas of change or new knowledge obtained.
But we at the ASD's ACSC are not just focused on the problem. Importantly, this document also contains mitigation and remediation advice to assist organisations to prevent, and respond to, cyber threats.
The current hype associated with the proliferation of ‘threat intelligence’ can be a distraction from what really matters: the motivation to allocate effort and resources to improving your cyber security posture by implementing technical controls. If you are relying on threat intelligence to respond to threats already discovered, it is too late for you and your organisation.