Release of Cyber Security Governance Principles

Recent cyber incidents at Optus and Medibank are a timely reminder of the importance of cyber security, and the need for boards to have clear guidance on how to best protect their organisation’s data, and most importantly the data of their customers and clients.

Minister for Cyber Security, Clare O’Neil said, “Building our nation’s cyber resilience is crucial. This will require a huge collective effort across government and industry, with company directors having a critical role to play. These Principles provide a clear picture of cyber security best practice for organisations across the whole economy.”

AICD Managing Director & CEO Mark Rigotti MAICD said, “We are delighted to be releasing these Principles with the CSCRC. Cyber security is a crucial area for boards and we know they are looking for as much support as possible. Building cyber resilience within organisations is ultimately about building resilience across the nation as well as capacity within our teams and organisation

Cyber Security Cooperative Research Centre CEO Rachael Falk MAICD said, “Companies must expect to be attacked and the worst thing any organisation can do in this current environment is to proceed with a false sense of security. This is a core risk that has to be incorporated into the everyday business of running any organisation.”

The Principles have been informed by extensive consultation with government, industry experts and the director community. They provide a practical framework for effective board oversight across five key areas:

• Roles and responsibilities
• Cyber strategy development and evolution
• Incorporating cyber into risk management
• Building a cyber resilient culture
• Preparing and responding to a significant cyber incident

The AICD and CSCRC look forward to doing their part to keep Australians safe.

Download the media release here.