If you’re looking to bolster your cyber security posture, a good place to begin is with government-endorsed cyber security strategies. The Australian Cyber Security Centre (ACSC), the federal government’s lead agency for cyber security, has created the Essential Eight Maturity Model to help defend Australian organisations against the growing threat of cyber crime.

Consisting of eight cyber strategies, the model helps Australian organisations defend against cyber threats such as ransomware, malware, and malicious code. The model also evaluates organisations on a ‘maturity level,’ or level of cyber strength, for each of the eight strategies. The model is primarily designed for Microsoft Windows-based, internet-connected networks, rather than cloud services or other operating systems.

 

What are the eight strategies?

The Essential Eight comprises the following eight separate mitigation strategies that help elevate an organisation’s cyber posture:

  1. Application control

Application control is about preventing malicious code and malware from executing on your systems and networks. Effective application control should only allow applications you trust and approve to execute, thereby reducing your chances of being infected by malware.

  2. Patch applications

Aim to patch applications such as Flash, web browsers, Microsoft Office, and other apps as soon as possible. Unpatched systems and applications have vulnerabilities that can lead to cyber breaches.

  3. Configure Microsoft Office macro settings

Cyber criminals can use Microsoft Office macros to execute malware on your devices. As such, your organisation should implement settings that only allow macros from trusted sources to execute.

  4. User application hardening

Many common applications, including web browsers, are set to less secure options by default, with features such as advertisements, Java, and Flash enabled. Configuring your settings to disable unnecessary features will elevate your security posture.

  5. Restrict administrative privileges

Administrative privileges in your operating systems and applications usually bypass regular security settings. If a cyber criminal takes over an administrator’s account, they gain enormous access to, and intelligence about, your organisation. Restricting those privileges therefore makes your defence more resilient.

  6. Patch operating systems

Patching at-risk computers and network devices, using the latest operating system versions, and avoiding outdated versions will help keep your organisation’s systems current and close off known vulnerabilities.

  7. Multi-factor authentication

Multi-factor authentication (MFA) increases the difficulty for cyber criminals attempting to gain access to your accounts. If you need to use your mobile phone in addition to your password to access your email, for example, then a cyber criminal must compromise both of these in order to breach your account.

  8. Daily backups

Daily backups should be performed so you can regain access to your data following a cyber security incident such as ransomware. Your backups should also be tested frequently to ensure they are operational.
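As an added example (not part of the original article or of ACSC guidance), the PowerShell below audits strategy 3, Office macro settings, for the signed-in user. It assumes Office 2016 or later, whose policy values sit under the 16.0 registry key, and it treats a missing policy value as not enforced.

```powershell
# Added example: audit the Office macro policy applied to the current user.
# Assumption: Office 2016 or later, whose policy values sit under the "16.0" key.
$apps = 'Word', 'Excel', 'PowerPoint'
$base = 'HKCU:\Software\Policies\Microsoft\Office\16.0'

# Meaning of each VBAWarnings policy value
$vbaMeaning = @{
    1 = 'Enable all macros'
    2 = 'Disable all macros with notification'
    3 = 'Disable all macros except digitally signed macros'
    4 = 'Disable all macros without notification'
}

$results = foreach ($app in $apps) {
    $key   = Join-Path $base "$app\Security"
    $props = Get-ItemProperty -Path $key -ErrorAction SilentlyContinue

    # A missing key or value yields $null: no policy is enforced, so users
    # can change the setting themselves in the Trust Center.
    $vba   = $props.VBAWarnings
    $block = $props.blockcontentexecutionfrominternet

    $meaning = if ($null -eq $vba) {
        'Not enforced by policy'
    } elseif ($vbaMeaning.ContainsKey([int]$vba)) {
        $vbaMeaning[[int]$vba]
    } else {
        "Unrecognised value $vba"
    }

    [pscustomobject]@{
        Application         = $app
        VBAWarnings         = $vba
        Meaning             = $meaning
        BlockInternetMacros = ($block -eq 1)
        # Pass only when unsigned macros cannot run (3 or 4) and macros in
        # files downloaded from the internet are blocked.
        Pass                = ($vba -in 3, 4) -and ($block -eq 1)
    }
}

$results | Format-Table -AutoSize
```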

 

Aims of the Essential Eight

The first four strategies (application control, patch applications, configure Microsoft Office macro settings, and user application hardening) are designed to prevent malware from infecting your systems and applications.

The next three strategies (restrict administrative privileges, patch operating systems, and multi-factor authentication) are designed to minimise the consequences of cyber security breaches, as well as the chances of a criminal penetrating your defences.

The last strategy, to perform daily backups, is designed to recover your data and availability after a cyber breach.

Undertaking a multi-layered approach like this, where the failure of one layer will not necessarily lead to a breach, remains the best way to establish comprehensive protection for your IT environment.

 

The Maturity Model

Each of the eight strategies is evaluated on a maturity level from Level One to Level Three.

Level One is considered suitable for small and medium enterprises; Level Two is for large enterprises; and Level Three is for critical infrastructure providers and organisations that operate in high-threat environments.

Each strategy has different standards for each maturity level. For example, an organisation that reaches Level One maturity in user application hardening would need to configure its settings to block Flash content. However, in order to reach Level Two, the organisation would need to block Flash, advertisements, and Java.

 

How can CT help?

In line with the Essential Eight Maturity Model, CT Cyber’s philosophy is that cyber security should be adopted as a multi-layered approach. We create alignment between People, Process and Technology, intertwined with Principles, Risk and Controls across the environment. An integrated approach also ensures that no element of cyber security is considered in isolation; if one element is unsecured, the entire system becomes vulnerable. Implementing effective cyber protection requires several elements to be threaded together to allow a holistic approach. At CT Cyber we understand that security must cover the entire system, not just individual devices, and that it must be the responsibility of all stakeholders.

Our Extended Detection and Protection (XDP) solution is a new approach to threat detection and protection, customised to cover all of the Essential Eight controls and more. Our integrated approach is a key element of defending your organisation’s applications, infrastructure and data from unauthorised access and misuse. We deliver visibility across networks, clouds and endpoints while applying analytics and automation to address increasingly sophisticated threats. Our XDP platform addresses these key Essential Eight principles:

  • Grants visibility through our Detect and Response solutions capability, which ensures cyber security events and anomalous activities are collected, correlated, and analysed in a timely manner, supporting logging and incident response activities.
  • Raises maturity levels across all Essential Eight principles when implementing EDR (End Point Detect and Response) and ZTNA (Zero Trust Network Access) to reduce the attack surface of systems, networks, and applications.
  • Improves ‘patch applications’ maturity level through our Vulnerability Management capability, which ensures asset vulnerabilities are identified and documented.
  • Ensures compliance with administrative privilege requirements through our Managed XDP solution, enabling monitoring for unauthorised personnel, connections, devices, and software.
  • Implements multi-factor authentication and administrative privileges by deploying multiple methods to identify and authenticate personnel to systems, applications, and data repositories.

For further information on our cyber security philosophy and solutions, head over to our cyber security page.