Defence Signals Directorate Reveal their secrets....Protect our own

Cyber Security Event Reporting
(Formerly Information Security Incident Reporting)

In accordance with the mandatory event reporting requirements in the ISM, the Cyber Security Event Reporting (CSER) form is used to collect information on security events that affect the security of Australian government IT systems.

This information is collected to allow high-level analysis of cyber security events, with the ultimate aim of improving our knowledge of threats to Australian government information systems and how to protect them more effectively. Information derived from CSER reporting is also used as a basis for threat assessments, security advice and DSD event response services.

The types of events that federal agencies are asked to report include:

  • suspicious or seemingly targeted emails with attachments or links to files or websites,
  • unauthorised intrusion into an IT system (hacking),
  • any compromise or corruption of information,
  • intentional or accidental introduction of viruses to a system, and
  • intentional or accidental disruption to service or damage to or loss of equipment.

DSD will cooperate with agencies to respond to serious events and can provide assistance for event resolution as required. In all cases this assistance is intended to complement the efforts of agencies' IT Security Advisors (ITSAs) and Agency Security Advisors (ASAs), who continue to be the principal line of defence against security threats.

Events are categorised as either RED or YELLOW under the CSER categories (PDF 686KB).

Agencies are required to report RED events and are encouraged to report YELLOW events and those that cannot be categorised.

Agencies that require assistance from DSD should notify the CSOC as soon as possible via the Cyber Security Event Hotline.

Submitting a Cyber Security Event Report

There are two ways to submit an event report:

  1. Complete and submit the web form at the OnSecure website (preferred method).
  2. Download, complete and submit the CSER form (PDF 121KB) through email or post.

Once completed, the form should be classified (depending on content) and then be sent via email or post in accordance with the handling procedures outlined in the Australian Government Protective Security Manual.

Telephone:
(02) 6265 0197 (Advice and Assistance)

Email:
assist@dsd.gov.au.nospam (*ensure that you remove '.nospam' to use this address)

Post:
Cyber & Information Security Division
Defence Signals Directorate
Locked Bag 5076
Kingston ACT 2604