Throughout 2019, a range of malicious cyber actors continued to target Australia, conducting persistent cyber operations that threatened Australia’s security, stability and prosperity.

Cyber operations were often sophisticated, and deliberately targeted Australia in order to obtain information on: defence capabilities; cutting-edge Australian research; valuable intellectual property; and the personal information of Australian residents and government staff. These threats had the potential to affect the ability of the Australian Government to effectively serve the public and keep their trust.

The Australian Cyber Security Centre (ACSC) within the Australian Signals Directorate (ASD) leads the Australian Government’s operational cyber security capability. The ACSC brings together cyber security capabilities from across the Australian Government to provide cyber security advice and assistance to Commonwealth entities, state and territory and local governments, businesses, academia, and individuals.

This report is based on information held by ASD and AGD from 2019. Therefore the information can only indicate the maturity of an entity’s cyber security posture at the time it was provided — and is specific to the unique circumstances of that entity, at that time. However, with the cyber threat constantly evolving, and Commonwealth entities continually updating their security measures in response, the overall Commonwealth cyber security posture remains fluid.