Cyber and Infrastructure Security Centre

We would like to congratulate Kyile W. from Transgrid who was one of our CISM 2024 Quiz winners! Our CISM 2024 page has lots of resources to help you grow your knowledge of CI security & resilience ?? https://lnkd.in/gJ6BbP2z

?? 3 days left to participate in the consultation on the Guiding Principles to embed Zero Trust Culture! Zero trust is a principle-based model that promotes the concept that users and devices should be granted access to an organisation’s digital infrastructure only when necessary, and only to components required. For more information visit: https://lnkd.in/gZzgWRbq

Cyber security is a team sport, and the aim of the game is collaboration – not competition. This week I was pleased to be joined by senior representatives from Australia’s major supermarket operators – Coles, Woolworths, ALDI and Metcash – to put cyber response plans under the microscope and stress test our ability to respond to a cyber incident. While Australia maintains a high level of food security, we know that no sector of the Australian economy is immune to cyber threats. The National Cyber Exercise Program is a key initiative of Australia’s Cyber Security Strategy that tests, validates and strengthens Australia's nationwide cyber security arrangements to ensure we are prepared to respond to cyber incidents. Throughout the day, our industry partners worked through a hypothetical cyber security scenario, together with the National Office of Cyber Security and other government representatives, putting incident response plans and cross-sector collaboration to the test. My two key takeaways: 1: the more we practice our response in a test environment, the better our ability will be to protect against real attacks, and 2: success is driven by the way government and industry work as a team.

?? Interested in joining the Supply Chain Expert Advisory Group?(SCEAG)? The closing date for nominations is Monday 24 February 2025! ?? Don't miss the opportunity to be part of a new cross-sector working group that will support the security and resilience of critical infrastructure supply chains. Details on how to submit your expression of interest available here ?? https://lnkd.in/gxeR3BC9

?? Reminder: The formal consultation on the Subordinate Legislation to the Cyber Security Act and the Security of Critical Infrastructure Act will close on Friday 14 February at 5pm AEDT. Provide your submission here ?? https://lnkd.in/dGxmS97k

Join Justine Jones, First Assistant Secretary of the Cyber and Infrastructure Security Centre and James Watson, former Australian Border Force (ABF) Assistant Commissioner South as they have a critical conversation about Operation JETENGINE. ??? This episode of Critical Conversations will dive into Operation JETENGINE as it aims to identify, monitor and disrupt criminality within the aviation supply chain across Victoria and Tasmania. ?? Under Operation JETENGINE, ABF officers working in Air Border Security teams at Melbourne International Airport are alert to Aviation employees who access Customs Controlled areas without authorisation – to exploit their trusted positions at airports – for the purpose of conducting criminal activity. Listen to Critical Conversations on all good podcasting platforms ?? https://lnkd.in/gh_paupr Podbean ?? https://cisc.podbean.com/ Spotify ?? https://lnkd.in/gEYrvsdA Amazon ?? https://lnkd.in/gPDdpfjU Apple Podcasts ?? https://lnkd.in/gPm5antj

Today we have released new 'Foundations for modern defensible architecture' (the Foundations), which have been developed to assist organisations to prepare and plan for the adoption of technologies based on zero trust principles and secure-by-design practices. Enabling organisations to uplift their cyber security using zero trust and secure-by-design is a core priority for us, so you can be resilient as the cyber threat landscape continues to evolve. The Foundations introduce modern defensible architecture as an approach to assist organisations in applying consistent, foundational goals to build, maintain, update and enhance their IT systems. Thanks to our government and industry partners, including the CISO Lens and CISO Tribe who contributed feedback on the Foundations! We are now seeking broader feedback from industry and government on the Foundations. Specifically, ASD would like to know: ? if you have any suggested improvements to the draft Foundations ? what further advice and guidance you would value, to inform our future work program ? if you have any case studies, experiences or lessons learned you wish to discuss or provide to inform this work. If you manage networks or procure IT, read the Foundations and provide your feedback ?? https://lnkd.in/g3cbbiG9 #ZeroTrust #SecurebyDesign

Did you miss our first deep dive into the draft Telecommunications Rules which support the implementation of the Security of Critical Infrastructure and Other Legislation (ERP) Act 2024? We are hosting a second session tomorrow, Tuesday 11th February, 1:00pm – 2:00pm AEDT! To register to attend this session visit ?? https://lnkd.in/gEdhM687

We are establishing a Supply Chain Expert Advisory Group (SCEAG) as part of the Trusted Information Sharing Network (TISN) and as endorsed by the Critical Infrastructure Advisory Council. The SCEAG will be a cross-sector working group that will facilitate the consideration of issues in relation to secure and resilient critical infrastructure supply chains. As this is a newly established advisory group, we are pleased to advise that we will be looking to initially fill eight voluntary positions. We are seeking a wide range of skills, knowledge and experience in our SCEAG members to support the work of the group, including the following: ??Supply chain knowledge and/or experience ??Supply chain network hazards ??Risk and resilience?? ??Relevant industry experience. We encourage interested and qualified persons who able to commit to several virtual meetings per year to apply. For more information on how to apply to become a SCEAG member please contact [email protected] Nominations will be accepted until COB Monday 24 February 2025 and will be reviewed by the appointed panel. Interviews will be arranged for shortlisted applicants.

Formal consultation on the Subordinate Legislation to the Cyber Security Act and the Security of Critical Infrastructure Act will close on Friday 14 February at 5pm AEDT. This is your reminder that you have one week left to provide a submission? The Department is committed to working closely with industry to develop the associated Rules and implement these legislative changes under the Cyber Security Legislative Package, and we invite you to participate in continued industry consultation to support the security and uplift of Australia’s critical infrastructure. Provide your submission here?? https://lnkd.in/dGxmS97k In December 2024, we held a town hall outlining this consultation process. Watch the town hall here ?? https://lnkd.in/eKKBPUSk