Cyber Security Strategy

Cyber threats continue to develop rapidly and it is therefore important to develop a cyber security strategy that is adaptable, effective, reduces risk and minimises the attack surface whilst meeting the specific needs and requirements of a University environment.

Cyber Security Realms

The cyber security strategy in JCU is focused on several realms:

• Improve and modernise governance and policies, including acceptable use and training
• Implement technical, architectural and operational controls
• Invest in systems and processes to protect and detect
• Establish respond and recovery procedures should a cyber security incident occur, this includes exercises to build ‘muscle memory’
• Ensure JCU has the appropriate cyber security controls to meet Governance, Legislative and Regulatory obligations.

Guiding Principles

The strategy is based on several underlying principles.

• Controls commensurate and proportionate to risk and the university risks appetite
• Shared responsibility for cyber security across the entire university with a significant role for individual accountability and maturing of a cyber risk aware culture
• Implement controls and measures against known threats
• Foster resiliency in systems, processes and people against unforeseen threats
• Invest in technology based tools to detect threats that were not be able to be minimised
• Facilitate collaboration and information sharing, not just within JCU but with across the HE sector and threat intelligence experts
• Leverage relationships state and federal government bodies to achieve industry recognised standards