Cybersecurity

Cybersecurity relates to the activity or process, ability or capability, or state whereby information and communications systems and the information contained within are protected from and/or defended against damage, unauthorised use or modification, or exploitation to the protection of information and the systems that use, store, and transmit that information.

Our daily life, economic strength, and national security depend on a stable and resilient cyberspace. We rely on a vast array of networks to communicate and travel, power our homes, run our economy, and provide government services.

Cyber intrusions and attacks have increased dramatically over the last decade, exposing sensitive personal and business information, disrupting critical operations, and imposing high costs on both organisations and the economy.

Combating cyber threats is a shared responsibility. Staff, students, partners and visitors all have an important role to play.

Purpose of Cybersecurity

JCU’s business, research and operation depend on the efficient functioning of its ICT systems and our learning management, finance and people management (HR) systems along with many more, are of strategic importance to the mission of the University.

It is important to also observe that the hardware, software, data and information components that constitute JCU’s ICT infrastructure, sites and services represent a sizeable financial commitment that must also be protected.

A visible and effective Cyber Security Program will provide confidence to stakeholders that JCU is adequately managing cyber threats and also provide a strong foundation from which the University can engage in the digital economy.  The foundation principles of the JCU Cyber Security Program are:

  • Confidentiality: the restriction of access to information by authorised persons, entities and processes at authorised times and in an authorised manner.

  • Integrity: safeguarding the accuracy and completeness of information and information processing systems.

  • Availability: ensuring that authorised users have access to information and associated assets when required.

Cybersecurity Programs

ICT operate a number of Cybersecurity Programs for JCU. Some of the key initiatives include:

  • Risk Management

  • Policy and Procedure Development

  • General Security Awareness and Training

  • Security Consultation

If you would like more information, or to participate in any of the above programs, please Contact Us on the details below.

Responsibility, Consultation and Improvement

While ICT is responsible for coordinating Cybersecurity activities, it must be remembered that ALL JCU Staff, Students and Visitors are responsible for making a positive contribution to the appropriate use of computing resources and ensuring that the JCU Information Security Policy remains effective.

The Cyber Security Team can assist all areas of the University in implementing the JCU Information Security Policy and ensuring the appropriate application of the Policy itself. Some of the common areas we provide consultation include:

  • Compliance – Performance of compliance assessments and programs to assess an area/function/system against the requirements of policies, standards, principles and codes of practice.

  • Requirements – Providing detailed security requirements for new projects or initiatives.

  • Risk Management – Facilitation of risk workshops (based on ISO 31000) to assess risk exposures recommendations for the implementation of controls.

  • Personnel Training – Training of personnel to ensure all staff are aware of their security responsibilities.

For further information about Cybersecurity Consultation or if you have an idea on how to improve our security processes, please send an email to cyber.security@jcu.edu.au

Reporting Cybersecurity Incidents

Managing ICT incidents (including cybersecurity incidents) is a core function of ICT. JCU ICT considers a security incident as an event, which compromises or could compromise the Confidentiality, Integrity and Availability of information and/or information systems.

Examples of cybersecurity incidents include:

  • Unauthorised access to information and information systems;

  • Attempted or successful System intrusion and virus outbreaks;

  • Suspicious, fraudulent, inappropriate or offensive email; and

  • Theft of hardware, documents, storage media, etc.

All security incidents and security weaknesses that may affect the reputation of JCU, compromise information and/or information systems, must be reported to the IT Help Desk.

Reference Material

For related JCU Policies and Procedures, please refer to:

JCU Polices

JCU Guidelines

External Documents

Communications

The following communication channels are in use:

External References

For additional information on good security practices, refer to:

Contact ICT Cybersecurity

For further information about Cybersecurity please send an email to cyber.security@jcu.edu.au