Incident Management 1

Confidentiality, detection, and governance

Integrity, availability, and confidentiality

Resilience, incident response, and governance

Detection, response, and recovery

Identify

Respond

Protect

Recover

Every employee of a government department

Critical infrastructure owners and operators

Internet service providers

Vendors of consumer-grade software

A software tool for encrypting communication channels

A legal framework for reporting ransomware payments

A resource to help organisations restore communications and business services during a cyber incident

A mobile app for alerting the Australian Signals Directorate

Allow suppliers unrestricted access to internal networks

Avoid sharing incident reports with suppliers

Outsource cyber security training to third parties

Evaluate the cyber security posture and access level of third-party vendors

It delays business recovery

It helps document and improve future responses

Cyber Privacy Act 2020

SOCI Act

Cyber Security Act 2024

Information Systems Act

Store all backups on local networks

Expand 'asset' to include business-critical data systems

Disable remote access

Report incidents annually

Encrypt data at rest

Install systems

Monitor for unauthorized access

Package for delivery

Conduct a business impact analysis

Conduct a risk assessment

Conduct a business process analysis

Rank the applications in order of criticality