Cyber security standards and guidelines

Boost your cyber security using these standards, guidelines and tips.

Victorian Protective Data Security Framework and Standards

Slot gameThe Victorian Protective Data Security Framework and Standards (VPDSF) is the overall scheme for managing protective data security risks in Victoria’s public sector.

Slot gameThe VPDSF consists of the:

Slot gameYou can contact the for advice on the applicability of the VPDSF to your Victorian Government organisation.

Australian Government Information Security Manual

This  helps organisations to protect their information and systems from cyber threats. 

Slot gameThese guidelines are intended for:

  • chief information security officers (CISOs)
  • chief information officers (CIOs)
  • cyber security professionals
  • information technology managers

Access the  (produced by the .

The 'Essential Eight'

The Australian Cyber Security Centre has compiled a list of mitigation strategies, known as  that organisations can use as starting points to improve their cyber resilience. These should be implemented as a baseline where possible.

Slot gameImplementing these 8 strategies proactively can be more cost-effective in terms of time, money and effort than responding to a successful large-scale cyber security incident.

The Essential Eight are:

  1. Application whitelisting - Whitelist approved and trusted programs to prevent the execution of unapproved or malicious programs from executing.
  2. Patching applications - Perform regular patching/updating of applications in your network.
  3. Office macros - Configure Microsoft Office products to block the execution of un-trusted macros.
  4. Harden user applications - Tightly control applications that have the ability to perform unwanted or potentially vulnerable actions.
  5. Restrict administrative privileges - Restrict administrative privilege for operating systems and applications based on user duties.
  6. Patch operating systems – Routinely patch and upgrade your operating systems to the latest versions.
  7. Use multi-factor authentication - Set up multi-factor authentication to provide higher authentication assurance for privileged, power and remote user access.
  8. Backup daily – Create regular backups of your most important data and configuration settings to help you recover quickly from a disruption. Keep backups on a device that is not connected to your network.

Cloud security guidelines

Slot gameThe cloud security guidelines are intended to support Victorian Government organisations in making informed, risk-based decisions about the use of cloud services.

They are targeted at general management, cyber security and IT security practitioners. They assume basic knowledge of cloud computing and enterprise security architectures.

Download the guidelines:

Slot gameThese guidelines were developed by the Department of Premier and Cabinet Cyber Security Unit for use by Victorian Government organisations.

Reviewed 12 November 2019

Contact the Chief Information Security Officer

Department of Premier and Cabinet

Was this page helpful?