Report a cyber incident

ASD's Australian Cyber Security Centre (ACSC) is responsible for monitoring and responding to sophisticated cyber threats targeting Australian interests. The ACSC’s Cyber Security Incident Reporting (CSIR) scheme assists with this role.

Reporting cyber security incidents to the ACSC ensures that the ACSC can provide timely assistance tailored to specific incidents. This may be in the form of investigations, analysis and/or remediation advice.

When should I report a cyber security incident?

A cyber security incident is a single or series of unwanted or unexpected events that have a significant probability of compromising an organisation’s business operations. Cyber security incidents can impact the confidentiality, integrity or availability of a system and the information that it stores, processes or communicates.

The types of cyber security incidents agencies should report to the ACSC include:

The following are examples of suspicious system and network activities:

How do I report a cyber security incident?

Cyber security incidents should be reported to the ACSC via an organisation’s Information Technology Security Adviser (ITSA) or equivalent information security manager.

Organisations are encouraged to submit incident reports via the ACSC incident report form or phone 1300 CYBER1 (1300 292 371).

Once an incident report is submitted to the ACSC, it is recorded and triaged. At this time the priority and extent of assistance that is necessary to respond to the cyber security incident is determined.