Latest publications

Information Security Manual (ISM)

The Australian Government Information Security Manual (ISM) provides better practice cyber security advice for ICT systems. It complements the Protective Security Policy Framework. There are three ISM documents, each targeting different levels within your … read more

Joint report on publicly available hacking tools

This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the UK and USA. It highlights the use of five publicly available tools, observed in recent cyber incidents around the world. To … read more

Essential Eight Explained (PDF)

This publication provides a high-level overview of the eight essential mitigation strategies from the Strategies to Mitigate Cyber Security Incidents. Essential Eight Explained (PDF) read more

What Executives Should Know About Cyber Security (PDF)

This publication discusses high-level topics that executives should know about cyber security within their organisations. What Executives Should Know About Cyber Security (PDF) read more

Remote access protocol

External parties may need to connect remotely to critical infrastructure control networks. This is to allow manufacturers of equipment the ability to maintain the equipment when a fault is experienced that cannot be fixed in the required timeframe. Such access … read more

ACSC Threat Report 2017

This is the third Australian Cyber Security Centre (ACSC) Threat Report. It continues to reflect the experience, focus, and mandates of the ACSC’s member organisations. This report provides an insight into what the Centre has been seeing, learning, and … read more

An Examination of the Redaction Functionality in Adobe Acrobat Pro (PDF)

This publication assesses the effectiveness of Adobe Acrobat Pro’s ability to redact information from PDF documentations. An Examination of the Redaction Functionality in Adobe Acrobat Pro (PDF) read more

AISEP Interpretation 10: Periodic Management Review

This AISEP Interpretation provides policy in the ACP on conducting the periodic AISEP management review. Download: AISEP Interpretation 10: Periodic Management Review (PDF) read more

AISEP Interpretation 11: Evaluation Scope

This AISEP Interpretation clarifies the policy in the ACP and AEP to explicitly identified functionality excluded from the scope of a product’s evaluation to the consumers. Download: AISEP Interpretation 11: Evaluation Scope (PDF) read more

AISEP Interpretation 12: Re-use of Development Environment Assessment (DEA) Evidence

This AISEP Interpretation provides guidance in the AEP on the re-use of previous DEA evidence. Download: AISEP Interpretation 12: Re-use of Development Environment Assessment (DEA) Evidence (PDF) read more

AISEP Interpretation 13: Evaluators' Experience

This AISEP Interpretation provides policy in the AEP to include Evaluators’ experience in the APR. Download: AISEP Interpretation 13: Evaluators’ Experience (PDF) read more

AISEP Interpretation 8: Qualifications of Principal Certifier

This AISEP Interpretation clarifies the necessary qualifications that the Principal Certifier should hold in order to perform their duties. Download: AISEP Interpretation 8: Qualifications of Principal Certifier (PDF) read more