© 2020 Content Security Pty Ltd.
In today’s digital society, cyber threats are an all too frequent reality. On almost a daily basis, businesses across the nation are faced with a variety of common cyber security incidents threatening their infrastructure, data and livelihood. In order to mitigate the risk posed by these threats, it is crucial to have cost-effective and comprehensive protection strategies in place. These strategies should work to:
The Australian Cyber Security Centre’s (ACSC) Essential 8 (previously the ASD Essential 8) does just that. Ultimately, it is a baseline of mitigation strategies compiled to assist Australian organisations and government agencies in protecting their systems against a range of adversaries.
As the phrase ‘Essential 8’ implies, these are fundamental building blocks in any organisation’s security approach. However, the Federal Government has rejected recommendations to make all of the Essential 8 mitigation strategies mandatory. Currently, only the top 4 of these strategies are mandatory for government departments and agencies to comply with.
As of February 2019, the NSW Government Cyber Security Policy mandates that government departments must submit an annual report detailing a maturity assessment against the ACSC Essential 8 by August 31st.
This is the practice of specifying an index of approved software applications or executable files. This can be achieved by Application Whitelisting, for instance. It is primarily designed to prevent the execution and spread of malicious code, as well as the installation or use of unapproved applications.
Patches provide updates or changes to fix or improve your devices’ applications, such as Flash, web browsers, Microsoft Office, Java, PDF viewers and more. In addition, they remove security vulnerabilities, meaning they close the gaps that adversaries typically target.
Macros work in the background of Microsoft Office documents, and are used by cyber adversaries to execute malicious code. Therefore, it is recommended to block macros from the internet, and only allow checked macros from trusted locations with limited write access or, further, digitally signed macros with a trusted certificate.
Flash, web advertisements and Java are popular vehicles for executing malware on victims’ systems. Therefore, it is important to configure web browsers to block and disable these. Further, disable other unnecessary features in Microsoft Office and PDF viewers.
To prevent adversaries from exploiting admin accounts and gaining full access to your business’ information and systems, it is important to restrict administrative privileges based on individual users’ duties. It is also vital to regularly revalidate these privileges.
Just as with your applications, your computers and network devices should be patched and updated regularly. Your operating systems are one of the primary ways that cyber criminals can enact further compromise, and systems should therefore be running the latest versions.
Multi-Factor Authentication is the practice of using two or more authentication factors to verify a user to a system. When implemented correctly, it significantly strengthens user authentication, thus making it more difficult for cyber adversaries to steal credentials and gain access to the network.
In the aftermath of a security incident it is vital that key information from prior to the incident, including data and configuration settings, is available. Daily back-ups of new/changed data, software and settings facilitate an easier recovery and assist in keeping systems available.
The following tiers assist with determining the level of maturity for each control implementation. Once an initial level of implementation is met, organisations should focus on reaching maturity level three for all eight mitigation strategies. For more information on the ACSC’s Essential Eight Maturity Model, please visit their website.
Partly aligned with the intent of the mitigation strategy.
Mostly aligned with the intent of the mitigation strategy.
Fully aligned with the intent of the mitigation strategy.
As a cyber security advisory organisation with over 20 years of experience, our mission is to empower businesses in cyber security and keep them abreast of evolving threats. As a result, a large part of our work involves reviewing and implementing the correct strategies to proactively mitigate our clients’ exposure to security incidents.
At Content Security, we take a two-pronged approach to help clients gain and maintain Essential Eight compliance:
Firstly, we conduct security audits on clients' systems and processes, ranking them against the ACSC Essential Eight Maturity Model.
Secondly, we make a tailor-made roadmap based on the findings from the audit report. We provide you with a suitable implementation strategy to ensure your organisation is meeting the required maturity level, and further, strengthening your security posture.
After conducting the audit, our security consultants provide you with a detailed report describing the activities that were performed and the results found. This report typically contains:
Our experts take a closer look at the security controls in scope, ranking each against the Essential 8 Maturity Model. As a result, this gives you a clear idea of where your organisation sits and thus, a benchmark from which you can improve.
In order to give you the most in-depth overview possible, our consultants pair each control with a summary of the evidence used to determine the ranking. To clarify, this evidence includes interview notes, process review notes, and notes from direct observation.
Once we distinguish where your organisation sits in relation to the Essential Eight Maturity Model, we are better suited to provide you with an Essential Eight roadmap. Our tailor-made plans define the activities required of your organisation to increase the maturity of each control from where they currently stand to the next level(s).
We not only create an outline of your personalised Essential Eight roadmap but also provide actionable recommendations on the path ahead. This includes which security controls to increase, prioritised by the level of risk (both current and residual) faced by your business after increasing the security control.
In addition to the above elements, we are also able to include reports from our automated vulnerability assessment tool, showing missing patches and other vulnerabilities found within your organisation.