ACSC's 2018 Information Security Manual released


By Dylan Bushell-Embling
Tuesday, 04 December, 2018



ACSC's 2018 Information Security Manual released

The Australian Cyber Security Centre (ACSC) has released the latest update to the Australian Government Information Security Manual (ISM), which aims to support a move to a risk-based approach to cybersecurity.

The ISM outlines a best practice approach to cybersecurity based on the ACSC’s experience in responding to Australian incidents.

The 2018 release of the manual aims to provide government organisations with greater flexibility to manage their cybersecurity based on their own unique circumstances.

It includes guidance covering a wide range of areas, including responding to cybersecurity incidents, as well as guidelines for enterprise mobility, communications systems and infrastructure security, physical and personnel security, email and network management, and the use of cryptography.

Updates to the guidance mostly concentrate on streamlining and simplifying existing content, as well as the move from a compliance-based regime to a risk management approach.

The ISM now also includes new controls to support the implementation of the Australian Securities Directorate’s Essential Eight cyber threat mitigation strategies.

“The ISM is updated regularly to make sure people are best equipped to tackle the security risks associated with prevailing cyber threats. You’ll see the document has been streamlined, to remove duplication and make it easier to use,” ACSC Head Alastair MacGibbon said.

“What hasn’t changed is each organisation’s responsibility to protect their people, information and assets.”

Image credit: ©Nmedia/Dollar Photo Club

Please follow us and share on Twitter and Facebook. You can also subscribe for FREE to our weekly newsletter and quarterly magazine.

Related Articles

Exploring the subtleties of data sharing

Frameworks for data sharing, as opposed to data release, need to be developed to preserve...

US federal agencies have poor cyber risk management

The US Government Accountability Office (GAO) has uncovered major issues during an audit of 23...

Public sector organisations vulnerable to cyber attacks

Nearly half of security professionals at public sector organisations in markets including...


  • All content Copyright © 2019 Westwick-Farrow Pty Ltd