Australian Signals Directorate (ASD) – formerly the Defence Signals Directorate (DSD) – released its comprehensive Information Security Manual (ISM) in 2012 and updated it in 2014 to be the standard that governs the security of Australian Government ICT systems. It recognised that both public and private networks are subject to persistent and sophisticated levels of cyber security threat from numerous sources.
To deal with increasingly sophisticated targeted attacks, the ISM Principles advise Australian organisations to adopt a risk-based approach to protecting their information and ICT systems. The Australian Government Protective Security Policy Framework, and other nominated references, provide information about how to implement Information Security Risk Management processes to support the policy.
The Huntsman® ISM Compliance Guide summarises the main controls of the ISM, shows how Huntsman technology maps to them, and how it helps organisations to assess and manage key aspects of their IT risk status, such as:
- Readiness to respond to targeted cyber security incidents
- The controls to protect the organisation from serious threats
- The potential cost of a cyber security incident
- Effectiveness of fostering a strong security culture.
This ISM compliance guide covers the following key concepts:
- IT security risk, IT security monitoring, risk mitigation
- Security breach, policy breach, cyber security, information security
- Security Event and Information Management (SIEM), IT risk management
- Event logging, root cause analysis, forensic audit, incident management
- Behaviour Anomaly Detection, security awareness training