What is the ACSC?

Michael Nyhuis
4 min read
The Australian Cyber Security Centre (ACSC) is an Australian Government agency specializing in cybersecurity. It monitors global cyber threats and provides expert insight and advice to both organizations and individuals.

It's part of the Australian Signals Directorate, which focuses on foreign signals intelligence and information security. The ACSC aims to make Australia safe online, informing organizations about best-practice cyber risk management and IT governance. Organizations of all sizes can take advantage of a range of cybersecurity programs to prove compliance and gain accreditation. The ACSC also runs a partnership scheme, which brings together cybersecurity experts from across all sectors and industries.

This article explains the ACSC and what it can offer both organizations and individuals.

The ACSC's services explained

The ACSC's free alert service gives updates about the latest changes in cybersecurity with up-to-date information on online threats. Beyond cybersecurity monitoring, the ACSC has a range of useful services for both individuals and organizations across Australia.

It provides resources and programs to improve cybersecurity provision in organizations of all sizes. Programs and publications give companies a real understanding of cybersecurity compliance and planning. These include mitigation strategies to help organizations prepare for cybersecurity incidents.

An example is the Essential Eight, which gives a phased introduction to implementing cybersecurity protection. Such a strategy informs key IT governance decisions and allows organizations to be proactive in their response to a cybersecurity incident.

ACSC for individuals

The ACSC has an advice center with resources to help individuals and families stay safe and secure online. Resources outline basic risk management strategies and help develop an understanding of cyber threats. The ACSC promotes awareness of cybersecurity for individuals through campaigns such as the Stay Smart Online (SSO) program.

ACSC for organizations

The ACSC has resources and tools for all businesses and organizations ' no matter how big or small ' which provide a clear approach to cybersecurity preparation. Resources include step-by-step guides for both small and large businesses to improve resilience and online risk management. A straightforward mitigation strategy also includes a framework for assessing vulnerabilities through internal audits and online risk management.

A range of programs allow organizations to prove their compliance with cybersecurity standards through certification. Many programs help large organizations with high-level IT governance, to gauge the IT security risks of online products and services.

An example of this is the Information Security Manual (ISM) which provides a framework for cybersecurity mitigation and IT governance. It helps organizations take a risk-based approach to cybersecurity, drawing on other international risk management standards. This approach can provide continuous improvement and plays a key role in compliance monitoring.

Diligent Compliance software can help your organization implement these programs by streamlining the process of proving compliance.

ACSC for Government

Services for government reflect those provided to large organizations, with emphasis on risk management and proper IT governance. There's also a focus on cybersecurity in areas such as critical infrastructure, which is usually a partnership between industry and government.

Publications and programs provide frameworks for internal audits, which highlight any cybersecurity non-compliance. An example includes Cloud Security Guidance, a framework to assess secure cloud services across government and industry. It allows organizations to assess a system's security controls, making a risk-based decision.

The ACSC partnership program

The ACSC offers a partnership program which brings together cybersecurity experts from organizations, institutes and government across Australia. The program acts as a forum to share cybersecurity knowledge through events, workshops and training activities.

The program involves cybersecurity specialists from a range of industries. Partners can share insights within their sector and beyond at regular forums and conferences. The aim is to broaden understanding around cyber threats and strengthen security.

The program exists within Joint Cyber Security Centres across Australia. Partners can also access a range of materials and training to build cybersecurity resilience. Training can improve areas such as incident response, online risk management, and proper IT governance.

Which organizations can become an ACSC partner?

The ACSC Partnership Program is not-for-profit. It brings together organizations across government and industry with expertise in cybersecurity. Organizations that can become an ACSC partner include:

  • Australian organizations dealing with IT security
  • Government agencies with a role in cybersecurity
  • Institutions with cybersecurity expertise such as research or academic organizations
  • Cybersecurity consultancy organizations

Support for cybersecurity compliance

Our Diligent Compliance software simplifies the IT governance process, helping your organization measure compliance and remedy gaps in cybersecurity. The software will help speed up internal IT audits and streamline a risk-based approach to cybersecurity.

Understand your obligations and take a data-driven approach to cybersecurity compliance with Diligent.
Related Insights
This is where Author Role goes
Michael Nyhuis
Michael Nyhuis is the former Director of Audit & Compliance at Diligent and a modern governance expert with over 25 years of experience.