The Australian Cyber Security Centre (ACSC) developed the Essential Eight Strategies based on their experience in managing cyber threat intelligence for the Australian government.
The Essential Eight Strategies are designed to protect Microsoft Windows-based internet-connected networks. They can also extend to cloud services and enterprise mobility with additional specific controls.
If your organisation:
collects, holds or uses personal or business sensitive information,
uses Windows-based applications,
uses cloud services, or
uses mobile technologies,
then the Essential Eight strategies have the potential to provide risk mitigation measures.
These are generally technical [IT] in nature; however, they rely on a commitment within an organisation to implement and follow the strategy.
The Essential Eight can help to mitigate the majority of cyber threats depending on the level of risk mitigation controls put in place.
Essential Eight - KISS Principle Explanations
In layman’s language, the Essential Eight strategies cover the essential controls necessary to mitigate the following eight recognised risk issues.
Strategy 1: Application control when executing [running] programs
Q: What is meant by ‘application control’?
A: Application control is a system to identify [information/data] traffic from various applications on a network and validate its authenticity.
Strategy 2: Patch application updates for security vulnerabilities in internet-facing services
Q: What is a ‘patch application’?
A: A patch is an update to a software application that addresses potential vulnerabilities in the software’s capabilities.
Q: What are security vulnerabilities?
A: A security vulnerability is a software code flaw or a system misconfiguration or fault through which attackers can gain access.
Q: What is an internet-facing service?
A: Any service accessed by anyone via any number of ports, protocols or services over the internet.
Strategy 3: Configure Microsoft Office macro settings and ensure they are permanently enabled
Q: What are Microsoft Office macro settings?
A: Macros are embedded code containing a series of commands, and the settings are the automated factors that instruct the macro when to run.
Strategy 4: User application hardening [fixed] to control web browser activities from the internet
Q: What does user application hardening mean?
A: Hardening means protecting against intrusions by eliminating vulnerabilities and increasing layers of security. To ‘fix’ it means to stop others changing or disconnecting it.
Strategy 5: Restrict administrative privileges to prevent/limit access to systems and applications
Strategy 6: Patch operating systems in a timely and effective manner
Q: What is a ‘patch operating system’?
A: Patches are software and operating system updates that fix vulnerabilities/weaknesses in the software program.
Strategy 7: Multi-factor authentication used to authenticate internet-facing services and others
Q: What is ‘multi-factor authentication’?
A: Multi-factor authentication (MFA) is a security measure that requires two or more proofs of identity to grant you access.
Strategy 8: Regular backups of data, information, software and configuration settings
What's next?
Step 1 Identify what systems and level of security [for each strategy] you currently have in place.
Assess your current level of risk mitigation from:
0 - ground zero [nothing much],
Level 1 - Baseline [something better than nothing],
Level 2 - Intermediate risk mitigation [some solid practices], and finally,
Level 3 - Best practice representing the best protections you can have.
Step 2 Rate the risk of each strategy to your organisation and give it a risk priority.
Step 3 Determine what to do in order of risk and given your budget and time resources.
Step 4 Having implemented changes, review risk status – what’s changed and how much more cyber secure are you?