Journal 4

When comparing United States and Australian cybersecurity risks, one must first look at how each country approaches those risks. According to a 2016 article from nist.gov, in the United States the FISMA Risk Management Framework, a decision-making aid for applying appropriate security controls, requires agencies to implement controls from SP 800-53. SP 800-53 is a list of 256 controls that should be implemented to protect an agency. On top of this, the controls are very hard for non-experts to understand, so not only is it difficult for an agency to put 256 guidelines into place, but in most cases the guidelines cannot even be understood. This leaves many US agencies unable to protect themselves efficiently, which can lead to expensive damages or theft. The recommendations for addressing this are to shorten the list to a more manageable size and to write it in plain English. It would also be beneficial to have experts on hand to explain the controls and answer any questions the decision makers may have. These recommendations are taken from Australia’s approach to handling cybersecurity threats. Within Australia, information security policies are based on the “Strategies to Mitigate Targeted Cyber Intrusions” set out by the government, which are very specific and effective. This may be the reason for Australia’s rise in the global cybersecurity ranking. By setting clear guidelines and making cybersecurity easier to understand, Australia eliminates one of the greatest threats in cybersecurity: ignorance of how to protect oneself. Without proper knowledge of the cybersecurity landscape, attacks in any form, whether a phishing attack or a simple DoS, could be overwhelming for the unprepared. In summary, while both countries constantly face cybersecurity risks in many forms, Australia is better equipped to handle those risks.
