In our previous post, we introduced the Essential Eight compliance framework, a practical and prioritised guide to improving cyber security developed by the Australian Cyber Security Centre (ACSC) in 2017. Essential Eight is based on the ACSC’s experience in responding to cyber incidents and reflects the most common tactics used by cybercriminals to compromise organisations’ systems and data.
Essential Eight comprises eight strategies organisations can use to improve their cyber security posture. In this post, we’ll take a closer look at each of the Essential Eight strategies and provide tips on how to implement them in your organisation.
- Application whitelisting: Start by creating a list of approved applications that are necessary for your organisation’s operations. Use a combination of technical controls and user education to ensure that only approved applications are allowed to run on your systems.
- Patching applications: Develop a process for testing and deploying security patches as soon as they become available. Prioritise critical patches that address known vulnerabilities and establish a timeline for patch deployment.
- Configuring Microsoft Office macro settings: Disable macros by default and only enable them for approved files. Educate users on the risks of macro-based attacks and provide guidance on identifying and reporting suspicious files.
- User application hardening: Configure web browsers and other user applications to block malicious content and restrict functionality that is not needed for business purposes. Provide training and guidance to users on safe browsing habits and the risks of clicking on links or downloading attachments from untrusted sources.
- Restricting administrative privileges: Limit the number of users with administrative privileges and establish a process for granting and revoking access. Regularly review and update administrative access controls to ensure that they are aligned with the principle of least privilege.
- Patching operating systems: Develop a process for testing and deploying security patches for operating systems. Prioritise critical patches and establish a timeline for patch deployment.
- Multi-factor authentication: Implement multi-factor authentication for remote access and privileged access to critical systems and data. Use a combination of technical controls and user education to ensure that multi-factor authentication is used effectively.
- Daily backups of important data: Develop a backup strategy that includes regular backups of important data and testing of backup and recovery procedures. Store backups securely and offsite to minimise the impact of data loss due to cyber-attacks or other disasters.
Compliance with Essential Eight is an ongoing process that requires regular monitoring and assessment of your organisation’s cyber security posture. By implementing the strategies outlined in Essential Eight, your organisation can significantly reduce the risk of cyber-attacks and protect your systems and data from harm. There are many applications and management techniques that we can assist your organization with, making what seems like an insurmountable task a part of day to day business.
In conclusion, the Essential Eight compliance framework provides a practical and effective guide to improving cyber security in your organisation. By following the tips outlined in this post and regularly reviewing and updating your security measures, you can stay protected against cyber threats and ensure the safety of your systems and data.