Cyber and Infrastructure Security Centre

Episode 5 of Critical Conversations season 2 is out now! ????? Join Hamish Hansford, Deputy Secretary of Cyber & Infrastructure Security, and special guest Dаvid Sandell CEO and co-founder of CI-ISAC Australia, as they have a critical conversation about the value of intelligence sharing across the critical infrastructure sectors. This episode of Critical Conversations dives into the role of CI- ISAC Australia in raising awareness of common threats to CI, and the important work of the Health Cyber Sharing Network in uplifting maturity to support the critical and complex services delivered by the Health Sector. Listen to the latest episode of Critical Conversations on all good podcast platforms?? https://lnkd.in/gh_paupr

? ALERT ? There are critical vulnerabilities affecting Ingress-NGINX Controller for Kubernetes that could allow unauthenticated remote code execution and full cluster takeover. We recommend organisations take the following actions: ? Review the advice and monitor the guidance at the official Kubernetes maintainer’s Ingress-NGINX Github Repository. ? Update to the latest version of Ingress-NGINX Controller. ? Ensure the admission webhook endpoint is not exposed externally. For more information read our alert ?? https://lnkd.in/g7FufsfP

? ALERT ? Organisations should be aware of a vulnerability in Next.js that could allow a remote hacker to bypass security checks. We recommend organisations take the following actions: ? Follow Next.js advice for affected versions. ? All self-hosted Next.js deployments should consider updating immediately. Further information and details to investigate potential compromise can be found in the Next.js security release. For more information read our alert ?? https://lnkd.in/gp5f6NqH

On Wednesday 12 March, Deputy Secretary Hamish Hansford hosted a town hall to provide an overview of the Cyber Security Rules & Security of Critical Infrastructure Rules, and to discuss the outcomes of the recent consultation process. ?? ? Missed the town hall? You can watch the recording on our website here ?? https://lnkd.in/eKKBPUSk

?? An additional 13 critical infrastructure assets have been declared as Systems of National Significance (SoNS). SoNS are a small subset of critical infrastructure assets that are most crucial to the nation, by virtue of their interdependencies across sectors and potential for cascading consequences to other critical infrastructure assets and sectors if disrupted. This brings the total number of SoNS to over 220 across the energy, communications, transport, financial services and markets, food and grocery, and data storage or processing sectors. By declaring an asset as a SoNS, the Australian Government can apply a comprehensive set of enhanced cyber security obligations on owners and operators to uplift cyber resilience to better protect Australians. The list of SoNS is not released to the public to protect Australia’s national security. ?? For more ?? https://lnkd.in/ghGGD8Jn To read the full media release visit: https://lnkd.in/gn4wpc3v

Join us in celebrating the one year anniversary of the refreshed Organisational Resilience HealthCheck Tool! ?? Today marks one year since the refreshed HealthCheck Tool was released, and we want to thank everyone who has used this free?self-assessment tool over the past 12 months! With 700 uses in the past year, organisations are encouraged to regularly evaluate their resilience capabilities via the HealthCheck Tool to ensure improvement and progression of your organisational resilience. The Department of Home Affairs partnered with the University of Tasmania to update the original Organisational Resilience HealthCheck Tool and?the Organisational Resilience: Good Practice Guide. The updated Tool is designed to help organisations and individuals evaluate their resilience capabilities by assessing against 13 resilience indicators which have been informed by contemporary organisational resilience methodologies. ? For more info and to access the HealthCheck Tool, visit ?? https://lnkd.in/gNKvFBFf

Join us in celebrating Australia’s cultural diversity this Harmony Week, Monday 17 to Sunday 23 March 2025. ?? ? The Cyber and Infrastructure Security Centre encourages respect and a sense of belonging for everyone. Our town halls, workshops and events foster inclusive environments where we encourage diversity and promote respect. ? We hope all owners and operators of critical infrastructure enjoy a week of celebrating inclusiveness and respect?this Harmony Week. ?? To get involved, visit the official website ?? https://lnkd.in/gx2X4NH

Last Friday we hosted our first Critical Infrastructure Advisory Council (CIAC) meeting for 2025! The Council covered a range of topics, including how to enhance the Trusted Information Sharing Network to better meet the needs of our critical infrastructure community.??? For more on how we partner with industry ?? https://lnkd.in/g5tdp4-V

Microsoft has released its March security updates. This included: ? 57 vulnerabilities patched. ? 6 vulnerabilities with evidence of exploitation. ? 6 'Critical' rated. Users should apply the patch updates ASAP ?? https://lnkd.in/evWDum-R

?? Join us tomorrow for our Town Hall: Cyber Security Rules & Security of Critical Infrastructure Rules! Wednesday 12 March 2025, 1:30pm-2:30pm AEDT. We will discuss the implementation of the Rules and how we can support industry?to become acquainted with obligations under the legislation. Register here ?? https://lnkd.in/eXpUUuR2