Guide: Navigating Cyber Security Challenges in Australian Business


AICD Offers Cyber Guidance for Directors


As Medibank and Optus continue to navigate major data breaches, the Australian Institute of Company Directors (AICD) has released formal cyber security principles to guide company boards of directors, who are being urged to brush up on managing the “core risk” of cyber security.

Produced through a collaboration between the AICD and Cyber Security Cooperative Research Centre (CSCRC), the newly released Cyber Security Governance Principles document establishes a framework to help directors manage cyber risk within their organisations.

This includes establishing roles and responsibilities around cyber security; developing and evolving cyber strategy; incorporating cyber risk into existing risk management strategies; building a resilient cyber culture across the organisation; and preparing for and responding to a significant cyber incident.

The five stages of the framework are:

1. Identify – Understand the organisation and its cyber security risks, including external threats, internal vulnerabilities and potential impacts.

2. Protect – Develop appropriate strategies to protect against identified risks, such as implementing technical controls, establishing policies and procedures, or engaging third-party providers.

3. Detect – Establish processes for monitoring the security posture of the organisation, both internally and externally, to identify incidents as soon as possible.

4. Respond – Have plans in place to respond quickly and effectively when incidents occur, including restoring operations and handling customer data responsibly.

5. Recover – Develop plans for post-incident recovery activities and review the cyber security measures in place to ensure appropriate lessons are learned, and future incidents are prevented.

By following these five steps, directors can build a comprehensive and effective cyber security program tailored to their organisation’s needs. Organisations should recognise that cyber security is an ongoing process that needs to be reviewed regularly as threats evolve and new technologies emerge. The AICD Cyber Security Framework provides a structured way to ensure that directors are taking steps to protect their organisations from ever-evolving cyber threats.

The guidance also includes a five-step checklist of “practical low-cost steps” for directors of small businesses and not-for-profit organisations.

Reference: AICD Cyber Security Governance Principles

 


This is part of our cyber security awareness educational campaign. Through this training, you will learn key principles and best practices to protect yourself, your organisation, and the public from cyber attackers. You will also be equipped with the knowledge to identify potential threats and take action before any damage can occur.

 