Article

The Australian Signals Directorate (ASD) and the Australian Institute of Company Directors (AICD) have published the Cyber Security Priorities for Boards 2025-26, emphasizing that cybersecurity is a governance issue as much as an IT issue. Australia's threat environment is increasingly volatile, with espionage costing the economy $12.5 billion in FY23-24 and cybercrime rising, particularly affecting large enterprises.

Boards are now expected to understand their organizations' exposure, invest in breach containment strategies, and prepare for evolving threats, including quantum computing. Key recommendations include implementing secure-by-design technologies, focusing on protecting critical assets with an assume compromise mindset, enhancing event logging and threat detection capabilities, and overseeing cyber supply chain risks. The guidance highlights the necessity for boards to adapt to the evolving landscape of cybersecurity governance.