Digital supply chain risk, data governance and regulatory and legislative shifts are some of the key updates captured in the refreshed Cyber Security Governance Principles.
Since their release in October 2022, the Principles, produced by the Australian Institute of Company Directors (AICD) and the Cyber Security Cooperative Research Centre (CSCRC), have become the leading source of cyber security governance guidance for Australian boards.
Given the scale and speed of changes in the cyber security landscape, the updated Principles reflect the evolving cyber threat landscape and best practice cyber resilience strategies. New case studies by former Telstra CEO Andy Penn and Ventia Services Group Chair David Moffat are included as well as a foreword by the Federal Government's Special Envoy for Cyber Security and Digital Resilience, Dr Andrew Charlton.
AICD Managing Director and CEO Mark Rigotti said the Principles have become the leading best-practice guidance for Australian directors when it comes to overseeing and managing cyber risks across organisations, large and small.
"Over recent years, global conflicts and the evolution of cybercrime have seen new threats emerge, and Australian boards are consistently placing cyber at the top of their agendas."
Rachael Falk, CSCRC CEO, said cyber security was of increasing importance and complexity for Australian organisations.
"Establishing good governance practices for cyber security, including understanding the strength of existing risk controls, who are our key digital suppliers, and keeping abreast of new and emerging threats and risks is vital for directors," Ms Falk said.
"These Principles will help Australian directors build a strong understanding of what 'good' looks like in relation to cyber governance and help keep Australian organisations and the community safer in our digital world."
The release of the updated Principles is timely, given the expected passage of the Federal Government's Cyber Security Bill this week.
Download the media release here.