Many agencies and departments are now addressing the new reporting requirements for the November 2024 update to the Protective Security Policy Framework (PSPF) for the period to 30 June 2025.
The PSPF is the essential guideline for Australian Government agencies to safeguard their information, people, and assets. The update to the PSPF introduced new compliance requirements that aim to strengthen the security posture across various government entities. Previously, entities were reporting maturity, but those days are no longer.

Cyber threats are escalating at an unprecedented pace. From sophisticated ransomware campaigns that lock down entire networks to stealthy phishing attacks targeting users, no organisation is immune. For local councils, SMEs, and not-for-profits alike, a single breach can mean lost data, service disruptions – and a serious hit to public trust.  

In today's ever-evolving digital world, the importance of cybersecurity cannot be overstated. While Cyber Awareness Month has been a key focus in educating individuals and organisations about best practices in cybersecurity, it is time to take a more ambitious step. It does not make sense to restrict this crucial awareness to just one month. While some organisations carry out awareness activities throughout the year, all organisations should extend Cyber Awareness Month to encompass the entire year through a planned approach.

Cyber security attacks pose a significant threat to local councils, compromising data integrity and citizen trust. The Australian Cyber Security Centre estimates the cost of an attack at $60,000 for medium-sized businesses, with larger attacks costing much more.