Cyber Security Strategy
Cyber threats continue to develop rapidly and it is therefore important to develop a cyber security strategy that is adaptable, effective, reduces risk and minimises the attack surface whilst meeting the specific needs and requirements of a University environment.
Cyber Security Realms
The cyber security strategy in JCU is focused on several realms:
- Improve and modernise governance and policies, including acceptable use and training
- Implement technical, architectural and operational controls
- Invest in systems and processes to protect and detect
- Establish respond and recovery procedures should a cyber security incident occur, this includes exercises to build ‘muscle memory’
- Ensure JCU has the appropriate cyber security controls to meet Governance, Legislative and Regulatory obligations.
Guiding Principles
The strategy is based on several underlying principles.
- Controls commensurate and proportionate to risk and the university risks appetite
- Shared responsibility for cyber security across the entire university with a significant role for individual accountability and maturing of a cyber risk aware culture
- Implement controls and measures against known threats
- Foster resiliency in systems, processes and people against unforeseen threats
- Invest in technology based tools to detect threats that were not be able to be minimised
- Facilitate collaboration and information sharing, not just within JCU but with across the HE sector and threat intelligence experts
- Leverage relationships state and federal government bodies to achieve industry recognised standards