Harmonising cyber security guidance for Australian industry


Australian small business rely on digital technologies to enable a range of critical business functions. However, due to their size, small businesses are likely to have insufficient resources and capacity to adequately protect the systems and data they rely on.

On 18 July 2018, AustCyber released its policy paper Cyber security guidance for Australian industry – opportunities to harmonise for a globally competitive economy, which builds on the analysis undertaken by the MITRE Corporation for AustCyber on analysing the NIST Mobile Device Security Guide’s applicability to Australia.

Through its work with MITRE, AustCyber recommends that in order to maximise opportunities for small businesses to improve their resilience to cyber threats, Australian governments:

  1. as much as possible, seek to harmonise cyber security guidance and information resources with international frameworks and standards, noting those most commonly used are the NIST Cybersecurity Framework and the ISO 27000 Series on Information Security Management.
  2. appropriately communicate their cyber security guidance and advice to key actors in Australian industry to achieve broad uptake of international best practice across the economy.

AustCyber looks forward to continuing its engagement with government, industry and academia on this important issue.