This paper explores the concept of ‘clean pipes’, which is the idea that internet service providers (ISPs) could provide security services to their customers to deliver a better level of default security.

In the absence of broad-based regulations, setting the bar for minimum cybersecurity features for internet-of-things (IoT) devices, standards and certification represent the last line of defence to protect consumers, governments, industry and critical infrastructure from cybercriminals and state-sponsored cyberattacks. This paper calls for a new...

This guide provides guidance on the reasonable steps entities are required to take to protect the personal information they hold from misuse, interference, loss, and from unauthorised access, modification or disclosure.

This report identifies four significant obstacles that stand in the way of Australia’s national security community moving to cloud infrastructure. These obstacles need to be crossed, and the change needs to be driven by ministers and agency heads.

The CSIS Working Group on Trust and Security in 5G Networks has developed this criteria for governments and network owners or operators to use in assessing the trustworthiness of telecommunications equipment suppliers.

With China’s credibility damaged over the early denials of the lethality of the COVID-19 virus, can Western nations trust its official assurances on 5G neutrality? Are we prepared for the worst if the fears about 5G became a reality? Randolph Mank explores the issues in...

A deep fake is a digital forgery created through deep learning (a subset of AI). Deep fakes can create entirely new content or manipulate existing content, including video, images, audio and text. This paper argues that policymakers face a narrowing window of opportunity to minimise...

Identifying the cyber security posture or vulnerabilities of individual Commonwealth entities may increase their risk of being targeted by malicious cyber actors. This report, therefore, does not identify specific entities – all data has been anonymised and provided in aggregate.

The principal objective of this study is to identify the principles and values of encryption in New Zealand with a view to informing future developments of encryption-related laws and policies. The overarching question is: What are the fundamental principles and values that apply to encryption?