Release of Cyber Security Governance Principles

In an Australian first, the Australian Institute of Company Directors (AICD) and the Cyber Security Cooperative Research Centre (CSCRC) have released a new set of governance principles to help organisations strengthen their cyber security (Principles).

Recent cyber incidents at Optus and Medibank are a timely reminder of the importance of cyber security, and the need for boards to have clear guidance on how to best protect their organisation’s data, and most importantly the data of their customers and clients.

Minister for Cyber Security, Clare O’Neil said, “Building our nation’s cyber resilience is crucial. This will require a huge collective effort across government and industry, with company directors having a critical role to play. These Principles provide a clear picture of cyber security best practice for organisations across the whole economy.”

AICD Managing Director & CEO Mark Rigotti MAICD said, “We are delighted to be releasing these Principles with the CSCRC. Cyber security is a crucial area for boards and we know they are looking for as much support as possible. Building cyber resilience within organisations is ultimately about building resilience across the nation as well as capacity within our teams and organisation

Cyber Security Cooperative Research Centre CEO Rachael Falk MAICD said, “Companies must expect to be attacked and the worst thing any organisation can do in this current environment is to proceed with a false sense of security. This is a core risk that has to be incorporated into the everyday business of running any organisation.”

The Principles have been informed by extensive consultation with government, industry experts and the director community. They provide a practical framework for effective board oversight across five key areas:

• Roles and responsibilities
• Cyber strategy development and evolution
• Incorporating cyber into risk management
• Building a cyber resilient culture
• Preparing and responding to a significant cyber incident

The AICD and CSCRC look forward to doing their part to keep Australians safe.  

Download the media release here.

Download the principles here.

All media enquiries: Jane Braslin 0439 167 567

About the AICD

The AICD is committed to strengthening society through world-class governance. We aim to be the independent and trusted voice of governance, building the capability of a community of leaders for the benefit of society. Our membership of nearly 50,000 includes directors and senior leaders from business, government and the not-for-profit sectors.

About the CSCRC

The CSCRC is dedicated to fostering the next generation of Australian cyber security talent, developing innovative projects to strengthen our nation’s cyber security capabilities. We build effective collaborations between industry, government and researchers, creating real-world solutions for pressing cyber-related problems.

By identifying, funding and supporting research projects that build Australia’s cyber security capacity, strengthen the cyber security of Australian businesses and addressing pressing policy and legislative issues across the cyber spectrum, the CSCRC is a key player in the nation’s cyber ecosystem. The CSCRC has two research programs: Critical Infrastructure Security and Cyber Security as a Service.