Every year the number of cyber attacks on Australian organisations grows, and with these attacks inducing detrimental losses of money, time and effort, it’s vital that strategies are implemented proactively to combat adversaries.
Preventing cybersecurity attacks is a challenge that every organisation faces and although it may be considered impossible to completely protect an organisation from the possibility of an attack, there are measures that can be taken.
The Australian Cyber Security Centre (ACSC) released a list of eight essential mitigation strategies to effectively secure data against adversaries. The essential eight mitigation strategies for protection from cybersecurity attacks are the baseline for all Australian organisations to follow and provide a framework for organisations to adopt and mature over time.
These strategies aim to make it much harder for adversaries to compromise systems within an organisation of any size. ACSC states that proactively implementing the essential eight can be more cost-effective than responding to a possibly large-scale security incident.
Prior to implementing these strategies, ACSC recommends performing the following activities to assist in building strong protection against cybersecurity threats:
- Identify which systems need protection.
  - This means identifying the systems which store, process or communicate sensitive information, or any other information that has a high availability requirement.
- Identify adversaries most likely to target systems.
  - This can include nation-states, cybercriminals or even malicious insiders.
- Identify what level of protection is required.
  - This will assist in selecting mitigation strategies based on the risks associated with specific business activities.
Here is a rundown of the essential eight mitigation strategies to protect Australian organisations against cyber crimes.
Application Control
- To prevent all non-approved applications (including malicious code) from executing.
Patch Applications
- To remediate known security vulnerabilities in applications that could be used to execute malicious code.
Configure Microsoft Office Macro Settings
- To block untrusted macros that could be used to deliver and execute malicious code on systems.
User Application Hardening
- To protect against vulnerable functionality such as Flash, ads and Java, which are popular ways for adversaries to deliver and execute malicious code.
Restrict Administrative Privileges
- To limit powerful access to systems which can be used to give adversaries full access to information and systems.
Patch Operating Systems
- To remediate known vulnerabilities within operating systems which could be used to further the compromise of systems.
Multi-factor Authentication
- To protect against risky activities through the use of stronger user authentication which makes it harder for adversaries to access sensitive information and systems.
Regular Backups
- To maintain the availability of critical and sensitive data and ensure that information can be accessed following a cybersecurity incident.
Why should your organisation implement the mitigation strategies?
Less than 5 years ago the Australian Federal Government mandated the top 4 of the essential eight strategies for federal government departments. Fast forward to today and the Joint Committee of Public Accounts and Audit (JCPAA) has recommended that the Federal Government mandate all eight mitigation strategies. This is especially due to ACSC’s claim that when all eight mitigation strategies are implemented effectively, 85% of targeted cyber-attacks are mitigated.
How can VENN IT help with meeting the essential eight?
Our team of highly skilled individuals uniquely understands the challenges that enterprises and government departments face when it comes to taking measures to mitigate
We offer an Essential Eight Audit Service which evaluates your current cybersecurity mitigation activities and provides practical and actionable advice on how your organisation can effectively implement the essential eight strategies.
Once your organisation has a comprehensive understanding of the current measures that are being taken to protect your systems from cyber-attacks, Venn IT can assist your organisation with the implementation of these strategies. Regardless of which stage or level of maturity your organisation is at, we can align the implementation with the recommended maturity model set forth by the ACSC.
Reach out today to see how we can help your organisation effectively implement the ACSC’s essential eight mitigation strategies and protect your systems from cybersecurity attacks.