The Australian Cyber Security Centre (ACSC) has developed prioritised mitigation strategies to help organisations enhance their cyber security posture and defend against various cyber threats.
Known as the Essential Eight (E8), these strategies are especially beneficial for smaller organisations and those working with government agencies.
While not mandatory, implementing the Essential Eight is an acceptable method to demonstrate an organisation's cyber security baseline posture.
The Essential Eight focuses on protecting Microsoft Windows-based internet-connected networks and includes the following mitigation strategies:
Application control
Patch applications
Configure Microsoft Office macro settings
User application hardening
Restrict administrative privileges
Patch operating systems
Enable multi-factor authentication
Perform regular backups
To assist organisations, the ACSC defines four maturity levels (Maturity Level Zero to Maturity Level Three) for implementing the Essential Eight.
These levels are based on mitigating increasing levels of adversary tradecraft and targeting.
It's important to consider the desired level of protection against tradecraft and targeting, rather than specific adversaries.
Enhance your cyber security with the Essential Eight and strengthen your defence against cyber threats.
For guidance on implementation and bolstering your organisation's security posture, contact our expert team.