Australia releases a practical framework for cyber governance principles

The Australian Institute of Company Directors (AICD) and the Cyber Security Cooperative Research Centre (CSCRC) have published ‘Cybersecurity Governance Principles‘, a set of governance principles and a ‘practical framework’ for organisations to strengthen their cyber resilience. The principles cover five main areas: roles and responsibilities, cyber strategy, cyber risk management, cyber resilient culture, and cyber incident planning.

These guidelines build on the recently published ‘Cybersecurity Performance Goals for Critical Infrastructure’ by the US Department of Homeland Security as an example of best practice and are being considered by the Australian government as it reviews its cyber laws following a spate of recent high-profile hacks.