The Australian Cyber Security Handbook
Free!
With Membership
$19.99
Suggested price

The Australian Cyber Security Handbook

2024 UPDATE

About the Book

The Australian Cyber Security Handbook is intended to fill a void in the existing literature by being the only general textbook written specifically from an Australian context. The work represents years of accumulated research followed by many months of drafting, revision, editing and further revision to present, in a single volume, a comprehensive guide to the cyber security context, threat landscape, protective measures, professional practice and the Australian cyber security industry.

All chapters are liberally sprinkled with local examples & case studies, local statistics, references to the Australian legal framework, and solutions that meet sovereign risk.

It is anticipated that The Australian Cyber Security Handbook will provide a single text suitable for use in courses across both vocational and higher education sectors, as well as an invaluable daily "go to" for Australian cyber security practitioners.

  • Share this book

  • Categories

    • Computer Security
    • Computer Science
    • Digital Transformation
  • Feedback

    Email the Author(s)

About the Author

John Burgess
John Burgess

John Burgess is an IT industry veteran with over 30 years industry experience in the computer, software development and information security fields.


Since 2019 John has taught cyber security at Victoria University in Melbourne (www.vu.edu.au), where he is currently the Senior Educator with VU's Department of Digital Transformation. John has been the Cyber Security Course Lead at VU since mid 2020.


John is a PECB Certified IEC/ISO 27001 Lead Auditor and has undertaken information security assessments for a wide range of Australian clients. John holds a Bachelor of Commerce degree with dual majors in Accounting and Management Information Systems, a Graduate Diploma in Document Management (awarded with Distinction), and a Master of Business degree in the field of Information Innovation. He is a member of the Australian Computer Society and the Australian Information Security Association.


Table of Contents

  • Preface
    • About the Author
  • INTRODUCTION
    • 1 - A Short History of Cyber Security in Australia
      • Recent Events
      • How to use this book
  • PART I - THE CYBER SECURITY CONTEXT
    • 2 - Strategic cyber security: a risk management approach
      • Risk management
      • Identifying vulnerabilities
      • Prioritising action
      • Risk treatment choices
      • Risk management challenges
      • Threat hunting
    • 3 - Human Vulnerabilities
      • Protecting Human Interests
      • Human Risk Factors
      • Controlling human vulnerabilities
    • 4 - Device Vulnerabilities
      • Personal computing device architecture
      • Modern device types & form factors
      • Modern desktop operating systems
      • Device attack-vectors
      • Networks introduce a new attack-vector
    • 5 - Network Vulnerabilities
      • Introduction to computer networking
      • Network components
      • Networking risks
      • IP Addressing Schemes
      • Important Network Protocols
      • Putting it All Together
  • PART II - THE THREAT LANDSCAPE
    • 6 - Privacy & data breach
      • Data breach threat actors
      • Data breach threat goals
      • The mandatory notifiable data breach (NDB) scheme
      • Notifiable Data Breach Trends
      • Australia’s fragmented data protection regime
      • International schemes
      • Other legal implications
      • Recent Data Breach Examples in Australia
    • 7 - Insider Threats
      • Insider Threat Actors
      • Insider Threat Goals
      • The insider problem
      • Characteristics of insider attacks
      • Extent of insider attacks
      • Other considerations
    • 8 - Cyber-crime
      • Australia’s legal system
      • History and trends
      • Legal implications for ethical hackers
      • Cyber-crime threat actors & threat goals
      • Attack Methods & Vectors
      • Hacker Threat Goals
      • Malware & Ransomware
      • Denial of Service
      • Social engineering
      • Cocktail attacks
    • 9 - Advanced Persistent Threats
      • State threat actors
      • APT threat goals
      • Cyber warfare
      • APT activities in Australia
      • Other Response Approaches
      • Ransomware Gangs
    • 10 - The Dark Web
      • Characteristics of the Dark Web
      • Accessing the Dark Web
      • Why law enforcement permits Dark Web tools to continue to operate
      • Hacker resources
  • PART III - IMPLEMENTING APPROPRIATE DEFENCES
    • 11 - Applying cyber security standards and frameworks in pursuit of best security practice
      • ISO 27001
      • NIST SP “800” series Special Publications
      • Comparing ISO 27k and NIST-800
      • The Information Security Manual
      • Other cyber security standards and frameworks
      • Authentication, Authorisation, and Accounting (AAA)
    • 12 Cyber security planning & Policies
      • Some Terminology
      • Matching risks and controls
      • Defence in Depth
      • Policy architecture
      • Continuous improvement
    • 13 - Securing a Network with technical controls
      • The network perimeter
      • Endpoint Detection & Response
      • The role of Zero-Trust architecture in a perimeter-less world
    • 14 - Protecting the Cloud
      • It’s just someone else’s computer
      • Adapting on-premise methods to the cloud
      • Cloud Vulnerabilities
      • Controls and counter-measures suitable in a cloud environment
      • Cloud-Based Security Tools
    • 15 - Protecting physical infrastructure
      • Physical security controls
      • Attacking physical controls
      • HVAC
      • Assets used by remote workers
      • Preventative maintenance
      • Internet of Things
      • Self-driving vehicles & Drones
    • 16 - Protecting people (from themselves)
      • Access and authentication
      • Cyber awareness
      • Cyber-hygiene
    • 17 - Cyber Security Operations
      • The Cyber Security Operations Centre (CSOC)
      • Cyber security operations in smaller organisations
    • 18 - The Cyber Security Profession in Australia
      • Cyber security professional bodies
      • Industry Promotion and Advocacy
      • Government Cyber Agencies & Programs
      • Education & Industry certifications
      • Cyber ranges for practical skills development
      • Cyber Security Events
      • Local cyber security influencers
    • 19 The Australian Cyber Security Industry
      • Snapshot of the Australian Cyber Security Industry
      • Australian cyber security start-ups
      • Challenges
  • LOOKING TO THE FUTURE
    • 20 - Trends and Emerging Threats
      • Recent Australian Trends
      • My Top 6 Short-term Predictions for Cyber Security in Australia
  • Notes

The Leanpub 60 Day 100% Happiness Guarantee

Within 60 days of purchase you can get a 100% refund on any Leanpub purchase, in two clicks.

Now, this is technically risky for us, since you'll have the book or course files either way. But we're so confident in our products and services, and in our authors and readers, that we're happy to offer a full money back guarantee for everything we sell.

You can only find out how good something is by trying it, and because of our 100% money back guarantee there's literally no risk to do so!

So, there's no reason not to click the Add to Cart button, is there?

See full terms...

80% Royalties. Earn $16 on a $20 book.

We pay 80% royalties. That's not a typo: you earn $16 on a $20 sale. If we sell 5000 non-refunded copies of your book or course for $20, you'll earn $80,000.

(Yes, some authors have already earned much more than that on Leanpub.)

In fact, authors have earnedover $13 millionwriting, publishing and selling on Leanpub.

Learn more about writing on Leanpub

Free Updates. DRM Free.

If you buy a Leanpub book, you get free updates for as long as the author updates the book! Many authors use Leanpub to publish their books in-progress, while they are writing them. All readers get free updates, regardless of when they bought the book or how much they paid (including free).

Most Leanpub books are available in PDF (for computers) and EPUB (for phones, tablets and Kindle). The formats that a book includes are shown at the top right corner of this page.

Finally, Leanpub books don't have any DRM copy-protection nonsense, so you can easily read them on any supported device.

Learn more about Leanpub's ebook formats and where to read them

Write and Publish on Leanpub

You can use Leanpub to easily write, publish and sell in-progress and completed ebooks and online courses!

Leanpub is a powerful platform for serious authors, combining a simple, elegant writing and publishing workflow with a store focused on selling in-progress ebooks.

Leanpub is a magical typewriter for authors: just write in plain text, and to publish your ebook, just click a button. (Or, if you are producing your ebook your own way, you can even upload your own PDF and/or EPUB files and then publish with one click!) It really is that easy.

Learn more about writing on Leanpub