Strategy
Vision
A cyber resilient and trusted Monash Group ecosystem encompassing our domestic and international community.
Purpose
Enabling Monash University’s commitment to addressing global challenges, our team exists to deliver sector-leading cyber security services to the Monash Group, placing an emphasis on enhancing cyber resilience and proactive cyber risk management.
Guiding Principles
Our approach to cyber security decision making at the University is informed by seven guiding principles that shall:
1. Ensure controls are proportionate to risk | Cyber security activities will focus on high value assets and systems, be proportional and will be risk-informed based on sound risk assessments. |
2. Share responsibility for cyber security | Cyber security is a shared responsibility across the Monash University community, with areas of individual accountability for staff, students and partners. |
3. Leverage global industry standards and frameworks | Globally-recognised industry standards and frameworks will be used to validate the completeness of our control set and approach to managing cyber-related risk. |
4. Drive a human-centred approach | Being pivotal in a cyber resilient and trusted ecosystem - human behaviour, drivers, skills and culture will be at the forefront of decision-making. |
5. Ensure control sustainability | Cyber security controls will be designed to be future ready, repeatable, supportable, uncomplicated, preference transparency and are supported with appropriate resourcing, education and training. |
6. Consider the Monash Group ecosystem | Cyber security services and capabilities will consider how to maximise coverage and value across the entire Monash Group ecosystem, including domestic and international entities, partners, suppliers staff and students. |
7. Facilitate domestic and global collaboration | Learnings, intelligence and resources will be shared with broader University sectors, industry and government partners to assist in hardening the overall ecosystem. |