Three new Directions have been released by the Secretary of the Department of Home Affairs for the Protective Security Policy Framework (PSPF). The PSPF is designed for the Australian Government to safeguard people, information and assets.
The three Directions specifically apply to the management and mitigation of cybersecurity risks to the Australian Government:
- Direction 001-2024 on Managing Foreign Ownership, Control or Influence Risks in Technology Assets
- Requires Australian Government entities to identify indicators of Foreign Ownership, Control or Influence risk as they relate to procurement and maintenance of technology assets and appropriately manage and report those risks
- Direction 002-2024 on Technology Asset Stocktake
- Requires Australian Government entities to identify and actively manage the risks associated with vulnerable technologies they manage, including those they manage for other entities
- Direction 003-2024 on Supporting Visibility of the Cyber Threat
- Requires Australian Government entities using threat intelligence sharing platforms to share cyber threat information with the Australian Signals Directorate
For a full reading of the Directions, see here.