Cyber security at the University of Sydney

Cyber security

Safeguarding our data and technology
The University of Sydney takes a rigorous, standards-based approach to managing cyber security risks for our staff, students, alumni, affiliates, partners and vendors, and all other organisations and individuals who support our commitment to excellence.

Cyber security is one of the University's highest priorities, and crucial to our core mission – to excel as a world-renowned research and teaching institution.

We have invested in a significant program of activities and safeguards to ensure your data, our data and our information and communications technology (ICT) are safe and secure – whether you are a member of our community or you work or partner with us.

Our standards-based approach to managing cyber security risks is supported by a policy framework and substantial resources. The University is continually improving our cyber control measures, to enhance our ability to rapidly identify and respond to any cyber threat.

A shared responsibility

Technological control measures are vital, but they are not enough. All members of our community have a shared responsibility to protect ourselves and the University against cyber security threats. For example, the University provides mandatory cyber security training to all staff. We urge you to report any suspicious activity or potential cyber security threats, by contacting us.

Read our one-stop guide to cyber security essentials.

Cyber security essentials – a one-stop guide

The University will regularly release cyber security advisories to keep you posted about current and emerging threats.

We understand the importance of responding quickly to prevent or defuse any cyber threats before they compromise our data security or ICT security.

If you are a member of the University community (staff, students, alumni etc), or work or partner with us in any capacity (industry partnersaffiliatescontractors, government, vendors etc) we strongly encourage you to report any cyber security incidents in a timely manner. 

Incidents you should report include:

  • suspecting an ICT service, device or account has been compromised
  • evidence on vulnerable University ICT services
  • unauthorised disclosure of sensitive information or discovering a lost University asset
  • observing someone breaching University policy.

Members of the public can contact the Cyber Security Team and staff and students can email

The University follows best-practice cyber security standards and has established a clear policy framework and invested substantial resources in its cyber security program. Read our policies on the University’s Policy Register.

The Cyber Security Policy 2019 (pdf, 216KB) defines the responsibilities and principles required within the University to protect the confidentiality, integrity and availability of ICT resources and digital information.

The Acceptable Use of ICT Resources Policy 2019 (pdf, 240KB) applies to all users of the University's ICT resources, and outlines user rights and responsibilities, the conditions of use of University ICT services, and penalties for misuse.