Govt opens consultation around cyber incident response providers

By Jason Pollock on Sep 15, 2025 4:26PM
Govt opens consultation around cyber incident response providers

The Department of Home Affairs is carrying out a targeted consultation on a voluntary Code of Practice for Cyber Incident Response Providers (the Code) to ensure that cyber security firms provide fit-for-purpose services

The Code is being co-designed by the National Office of Cyber Security, the Australian Signals Directorate (ASD) and the wider industry.

The 2023-2030 Australian Cyber Security Strategy (the Strategy) states the government will provide business and community leaders with greater confidence when they engage cyber security professionals.

In a consultation paper, the government said that there are currently no consistent standards for cyber incident response providers in Australia.

"Businesses and individuals rely on these providers to support and guide them through cyber incident response; however, there are no assurances that they are receiving quality service," the paper said.

During consultation for the Strategy, the industry highlighted issues when engaging incident response providers due to a lack of clarity around expected service quality and professional standards.

"Businesses and individuals often do not have the expertise to understand whether incident response providers are offering useful services and often rely on uninformed trust. Without access to timely and professional support, cyber incidents can grow in scale and consequence," the paper stated.

The Code will set out best practice controls designed to support incident response providers to meet service quality and professional standards and encourage collaboration and information sharing with ASD’s Australian Cyber Security Centre and the National Cyber Security Coordinator.

Guiding principles of the code include identifying threats with speed and precision; investigating to enable recovery and future analysis; containing the threat while supporting business continuity; removing the threat actors presence from the system; supporting restoration with actionable insights; building trust through collaboration; supporting timely and effective reporting; and turning lessons into defences.

Interested stakeholders can write submissions up until 26 September 2025 at 5:00 pm.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © nextmedia Pty Ltd. All rights reserved.
Tags:
20232030 australian cyber security strategy australian cyber security strategy australian signals directorate code of practice for cyber incident response providers department of home affairs national office of cyber security strategy

Sponsored Whitepapers

Tech Data
Tech Data
Coro
Coro
Huntress
Huntress
Hosted Network
Hosted Network
Dicker Data
Dicker Data

Events

Huntress Cybersecurity Roadshow Sydney
Huntress Cybersecurity Roadshow Sydney
Huntress Cybersecurity Roadshow Melbourne
Huntress Cybersecurity Roadshow Melbourne
techpartner.news Benchmark Security Awards 2025
techpartner.news Benchmark Security Awards 2025

Most read articles

Australian MSP Index launched

Australian MSP Index launched
Nexon Asia Pacific sold to Adamantem Capital

Nexon Asia Pacific sold to Adamantem Capital
Infosys to acquire majority stake in Telstra-owned Versent

Infosys to acquire majority stake in Telstra-owned Versent
Fast50 2025 entries open: New revenue categories & profitability award

Fast50 2025 entries open: New revenue categories & profitability award

Log in

Email:
Password:
  |  Forgot your password?