Unravelling the Essential Eight: Your First Steps in Cyber Security

The Australian Cyber Security Centre (ACSC) has put together some top strategies to help your organisation stay safe online. Among these, the Essential Eight stand out as the most effective.

The Essential Eight were designed for Microsoft Windows-based, internet-connected networks. While they can be used for cloud services and other operating systems, they’re not tailor-made for these. So, in these cases, you may need to consider some other strategies.

Understanding the Essential Eight Maturity Model

The Essential Eight Maturity Model was first published back in 2017, and it’s been regularly updated since, with the last revision in November 2022. This model is like a roadmap to help you implement the Essential Eight in your organisation.

When using the Essential Eight, you’ll want to target a specific maturity level that suits your needs and then work towards that level. All eight strategies are designed to work together, so you should aim to reach the same maturity level across all of them before moving onto the next level.

And remember, the Essential Eight are just a starting point. You’ll likely need additional security measures, depending on your specific environment and the threats you face.

The Importance of Maturity Levels

There are four maturity levels in the Essential Eight, from Level Zero to Level Three. Each level is designed to counteract different levels of cyber threat sophistication, which we refer to as adversary tradecraft. These are the tools, tactics, techniques and procedures used by cyber attackers.

You don’t need an independent party to certify your Essential Eight implementation unless it’s required by government policy, a regulator, or a contract.

Starting at Maturity Level One

Level One is all about protecting your organisation from attackers who are happy to use widely available, simple techniques to gain access to your systems. These folks are usually just looking for any victim, not necessarily a specific one. They’ll use common weaknesses to their advantage, often using social engineering to trick users into lowering their defences.

And what happens if they get in? If they find a user with special privileges, they’ll exploit it. Depending on their goals, they may even destroy data, including backups.

What Level One Requires

All eight strategies need to be in place for Maturity Level One:

Application Control

This strategy involves controlling what applications can run on a system. Unrecognised or potentially harmful applications are blocked from running, reducing the chance of malware being executed. This is particularly important for executables, software libraries, scripts, installers and other potentially risky formats, especially when originating from user profiles or temporary folders.

Patch Applications

This refers to the practice of keeping your software updated. Software vendors frequently release patches or updates to fix known security vulnerabilities. By not updating, you could leave your system open to attack. It’s important to have a process in place to regularly check for and apply these updates.

Configure Microsoft Office Macro Settings

Macros can automate tasks in Office, but can also be used maliciously. By configuring the settings, you can limit the potential damage. This means disabling macros where they aren’t needed, blocking macros in files from the internet, enabling antivirus scanning for macros, and preventing users from changing these settings.
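The four macro settings described above can be checked on a workstation with a read-only audit. The script below is an added example, not part of the original article or ACSC guidance. It assumes Office 2016 or later or Microsoft 365 Apps (registry version 16.0), settings delivered as per-user Group Policy, and a user with no business need for macros.

```powershell
# Added example: read-only audit of Office macro policy for the signed-in user.
# Assumption: Office 2016 or later / Microsoft 365 Apps (registry version 16.0).
$PolicyRoot = 'HKCU:\Software\Policies\Microsoft\Office\16.0'
$Apps       = 'Word', 'Excel', 'PowerPoint'

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Emits nothing ($null) when the key or value is absent, i.e. the setting
    # is not enforced by policy and the user can still change it in the app.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name }
}

function New-Finding {
    param([string]$Check, $Value, [bool]$Pass)
    [pscustomobject]@{
        Check = $Check
        Value = if ($null -eq $Value) { 'not set' } else { $Value }
        Pass  = $Pass
    }
}

$findings = foreach ($app in $Apps) {
    $key = "$PolicyRoot\$app\Security"

    # VBAWarnings = 4: all macros disabled without notification.
    # Assumption: this user has no business need for macros.
    $vba = Get-PolicyValue -Path $key -Name 'VBAWarnings'
    New-Finding "$app macros disabled" $vba ($vba -eq 4)

    # blockcontentexecutionfrominternet = 1: macros blocked in files from the internet.
    $block = Get-PolicyValue -Path $key -Name 'blockcontentexecutionfrominternet'
    New-Finding "$app internet macros blocked" $block ($block -eq 1)
}

# MacroRuntimeScanScope: 0 = off, 1 = low-trust files only, 2 = all files.
$scan = Get-PolicyValue -Path "$PolicyRoot\Common\Security" -Name 'MacroRuntimeScanScope'
$findings += New-Finding 'Macro antivirus scanning enabled' $scan ($scan -in 1, 2)

$findings | Format-Table -AutoSize
'{0} of {1} checks passed' -f @($findings | Where-Object Pass).Count, $findings.Count
```

A result of "not set" means the value is missing from the policy hive, so it is either at its default or left to the user's own preference rather than enforced.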

User Application Hardening

This strategy involves setting up applications with the least amount of privileges possible. If a user doesn’t need certain capabilities or access, it should be disabled to reduce potential security risks. For example, preventing web browsers from processing Java or web advertisements from the internet.

Restrict Administrative Privileges

Administrative accounts have powerful privileges which, in the wrong hands, can lead to significant damage. It’s important to limit who has these privileges and to validate any requests for access. Privileged accounts should not have access to the internet, email, and web services, and privileged and unprivileged accounts should be kept separate.

Multi-Factor Authentication

This adds an extra layer of security to the authentication process. Instead of just a password, users will need to provide another form of identification to access certain systems or data. This can be a code sent to their phone or a biometric factor like a fingerprint.

Patch Operating Systems

As with applications, your operating system (OS) needs to be kept up-to-date. An outdated OS can leave your system open to cyber threats. Regularly scan for and apply updates and patches.

Frequent Backups

Even with strong security, things can still go wrong. Regularly backing up important data, software, and configuration settings helps to ensure you can recover your system if something does happen. This should be done in line with your business continuity requirements.

These strategies are aimed at Maturity Level One, but it’s important to remember that this is a starting point. As the cyber threat landscape evolves, it’s crucial to regularly review and update your strategies and increase the maturity level where necessary.

Finally, don’t hesitate to contact our team at AXIS Digital or the ACSC at 1300 CYBER1 (1300 292 371) if you need more guidance.
