Cyber security help and resources
If you need non-urgent advice on cyber security, email the Cyber Security Unit at cybersecurityunit@qld.gov.au. If you suspect a cyber security incident has occurred, report it immediately.
Australian Cyber Security Centre
Use the Australian Cyber Security Centre (ACSC) to improve your cyber security. The ACSC leads the Australian Government's efforts to improve cyber security and provides useful resources and services to support your security. This includes guidance around how to report cyber crime, how to recover and get help, and how to keep up to date with the latest threats and how to manage them.
The ACSC also provides some proactive strategies to address cyber threats and free information on the latest online threats and scams.
You can sign up to the ACSC’s free alert service to keep up to date on current online threats and how they can be managed.
Australian Cyber Emergency Response Team
Consider subscribing to the Australian Cyber Emergency Response Team (AusCERT). AusCERT is a membership based cyber-security support organisation. Contact membership@auscert.org.au (07 3365 4417) for details.
AuCyberScape
Visit AUCyberScape and connect to a national cyber security digital ecosystem. Use AuCyberScape to find cyber security suppliers.
ISO Standards
Standards Australia (SAI Global)
Official Australian publisher of ISO standards. You can also purchase the standards here.
ISO 27000 background information
A third-party site that maintains a list of links to various ISO27000 suite standards.
Office of the Information Commissioner Queensland
Visit the Office of the Information Commissioner Queensland for advice on transferring information out of Australia.
Office of the Australian Information Commissioner
The Office of the Australian Information Commissioner provides advice as the national regulator for privacy and freedom of information.
Cybercrime
For information on Cybercrime, visit Australian Federal Police Cybercrime website. For practical advice regarding online safety including links to other useful sites, see the Australian Government Online Safety site.
Scams
For help identifying, reporting and avoiding scams, visit Scamwatch (operated by the Australian Competition and Consumer Commission).
To check if your email or phone number is part of any previous or current data breaches, visit Have I been pwned (privately operated service).
Visit the Office of the Australian Information Commissioner to make a privacy complaint, report a data breach or apply for a freedom of information review.
Phishing
If you suspect you've received a phishing email, you should:
- avoid clicking on links in emails or messages, or opening attachments, from people or organisations you don't know.
- hover over links before clicking them to see the actual web address it will take you to (usually shown at the bottom of the browser window). If you don’t recognise or trust the address, try searching for relevant key terms in a web browser. This way you can find the article, video or webpage without directly clicking on the suspicious link.
- talk through the suspicious message with a colleague, friend or family member. Check its legitimacy by contacting the relevant business or organisation (using contact details sourced from the official company website).
Online safety
Your department must assess security vulnerabilities and apply patches to all critical systems, devices, VPNs and Firewalls.
Ensure you're running up-to-date anti-virus software. Turn on automatic updates if possible. For Windows machines, visit How to turn on Automatic Updates for Windows 10. For Apple products, visit How to turn on Automatic Updates for Apple products.
Don't use free webmail platforms for official communications.
Protect your device against malicious URLs by turning on a free DNS filtering solution. Here are two free DNS solutions available:
- How to configure to use Google Public DNS (Windows/MACOS/Linux)
- How to point your DNS to the Cisco Umbrella
IDCARE
Access IDCARE for a range of free cyber literacy and safety resources. IDCARE is Australia and New Zealand’s national identity and cyber support service that helps thousands of people and organisations reduce the harm of cyber-crime and identify theft.
The Office of the eSafety Commissioner
Visit the Office of the eSafety Commissioner to report cyberbullying and illegal, inappropriate or offensive online content. The eSafety commissioner promotes online safety education for Australian young people, educators and parents.
ThinkUKnow
Visit ThinkUKnow to report suspected child exploitation and abuse. ThinkUKnow is an Australian Federal Police site that helps educate the public on online child sexual exploitation.
Cyber security resources and guidelines
- Deployment of intrusion detection and prevention systems guideline
- Email disclaimer guideline
- Executive guide to security incident management
- ICT asset disaster recovery planning guideline
- ICT infrastructure change management guideline
- ICT-as-a-service security assurance guideline
- Information security assurance and classification guideline
- Information security incident management guideline
- Ransomware guideline
- Reducing password frustration for Queensland Public Servants
- Vulnerability management guideline
- Web application security testing guideline