What You Need to Know About the Essential 8

Every year the number of cyber attacks on Australian organisations grows. Because these attacks cause detrimental losses of money, time and effort regardless of industry, it is vital that strategies are implemented proactively to combat adversaries effectively.

Preventing cybersecurity attacks is a challenge that every organisation faces and although it may be considered impossible to completely protect an organisation from the possibility of an attack, there are measures that can be taken.

The Australian Cyber Security Centre (ACSC) released a list of eight essential mitigation strategies to effectively secure data against adversaries. The essential eight mitigation strategies for protection from cybersecurity attacks are the baseline for all Australian organisations to follow and provide a framework for organisations to adopt and mature over time.

These strategies aim to make it much harder for adversaries to compromise systems within an organisation of any size. ACSC states that proactively implementing the essential eight can be a cost-effective approach rather than responding to a possible large-scale security incident.

Prior to implementing these strategies, ACSC recommends performing the following activities to assist in building strong protection against cybersecurity threats:

  • Identify which systems need protection.
    • This means identifying the systems which store, process or communicate sensitive information or any other information that has a high availability requirement.
  • Identify adversaries most likely to target their systems.
    • This can include nation-states, cybercriminals or even malicious insiders.
  • Identify what level of protection is required.
    • This will assist in the selection of mitigation strategies based on the risks associated with specific business activities.

 

What are the Essential Eight?

Without going into too much detail, here is an overview of the essential eight mitigation strategies to protect Australian organisations against cyber crimes.

  • Application Control: To prevent all non-approved applications (including malicious code) from executing
  • Patch Applications: To remediate known security vulnerabilities in applications that could be used to execute malicious code
  • Configure Microsoft Office Macro Settings: To block untrusted macros that could be used to deliver and execute malicious code on systems
  • User Application Hardening: To protect against vulnerable functionality such as Flash, ads, and Java, which are popular ways for adversaries to deliver and execute malicious code.
  • Restrict Administrative Privileges: To limit powerful access to systems that can be used to give adversaries full access to information and systems.
  • Patch Operating Systems: To remediate known vulnerabilities within operating systems which could be used to further the compromise of systems
  • Multi-Factor Authentication: To protect against risky activities through the use of stronger user authentication which makes it harder for adversaries to access sensitive information and systems.
  • Regular Backups: To maintain the availability of critical and sensitive data and ensure that information can be accessed following a cybersecurity incident.

 

Essential Eight Maturity Levels

On top of defining the Essential Eight, the ACSC has also defined 4 maturity levels to assess their implementation within a given organisation. Depending on how desirable their data is, as well as the potential consequences of a security incident, organisations will need to define which maturity level they are targeting.

  • Maturity Level Zero: Weaknesses exist in the overall security posture of an organisation.
  • Maturity Level One: This level focuses on commodity tradecraft such as a publicly-available security vulnerability. The organisation might not be a designated target but might rather simply be an “easy win” for a malicious actor employing common social engineering techniques.
  • Maturity Level Two: Focuses on adversaries operating slightly above the previous maturity level. These adversaries might be a bit more selective in their approach but will still pick a rather easy target, using techniques such as phishing and social engineering to circumvent multi-factor authentication and obtain access to accounts with special privileges they can exploit.
  • Maturity Level Three: At this level, adversaries will be less reliant on well-known tradecraft and more adaptive. They will carefully select their target and be willing to invest time and effort to circumvent specific policies and technical security controls and gain access to networks and data. Once in, adversaries will seek to gain privileged credentials, move to other parts of a network and cover their tracks.

The ACSC has put together a list of requirements for each of the Essential Eight and each maturity level that you can find on their website.

 

How can Venn IT help you meet the Essential Eight?

When it comes to protecting your organisation’s data against malicious attacks, you can’t afford to cut corners. By investing in the best partner, organisations can minimise the risk of instability and can gain confidence that their data is secure and accessible at all times.

Regardless of which stage or level of maturity your organisation is in with deploying mitigation strategy number 8 from ACSC’s essential eight, Venn IT’s managed data backup service can proactively assist in your organisation’s strategy to effectively secure data from adversaries. Similar to the approach suggested by ACSC, proactive monitoring is a key element in our managed data backup approach and we aim to identify potential issues before they cause any outages. Any and all incidents or problems are investigated from start to finish by our highly qualified engineers. We are specialists in enterprise data protection solutions and recognise the unique challenge of managing backup operations, especially within the context of cybersecurity attack prevention. Our strong background working with best-of-breed hardware, software, and professional services means that we are expertly equipped to manage complex technology environments. Whilst what we offer is complex and bespoke, simply put, we provide peace of mind. Our solutions are tailored to meet your business objectives and goals, whether they are related to cybersecurity or otherwise.

Reach out today to see how we can help your organisation successfully implement a daily backup mitigation strategy to meet the essential eight and protect your systems from cybersecurity attacks.