This builds on the successful completion of the Cloud Services Certification Program (CSCP) and the associated Certified Cloud Services List.

Developed in collaboration with leading industry bodies and experts, the new Cloud Security Guidance supports the secure adoption of cloud services across both government and industry and the protection of sovereign information, by allowing individuals and businesses alike to easily assess the security of cloud services.

In addition, the ACSC will grow and enhance the Information Security Registered Assessors Program (IRAP) to further support government and industry in implementing appropriate cloud security measures and increase their cyber security resilience.

The Cloud Security Guidance is supported by forthcoming updates to the Australian government Information Security Manual (ISM), the Attorney-General’s Protective Security Policy Framework (PSPF), and the DTA’s Secure Cloud Strategy.

VIEW ALL

Minister for Defence Linda Reynolds said that the new initiative is certain to boost Australia’s cyber security resilience.

“The release of the new guidance coincides with today’s cessation of the Certified Cloud Services List which will open up the Australian cloud market, allowing more homegrown Australian providers to operate and deliver their services,” Minister Reynolds said.

“This will provide opportunities for Commonwealth, state and territory agencies to tap into a greater range of secure and cost-effective cloud services.”

Her comments were mirrored by Minister for Government Services Stuart Robert, who emphasised the public-private interface that contributed to the new guidelines.

“Having been co-designed with industry, this will help and guide organisations to assess the suitability of a range of secure and cost effective cloud service providers to securely handle their data and ultimately boost Australia’s cyber security resilience,” Minister Robert said.