Security incidents continue to hit the headlines globally with alarming regularity.
As our digital environment continues to change, businesses are generating larger volumes of data, operating in remote environments, and we’re increasingly dependent upon connectivity and the cloud.
The downside of this digital evolution is that we’re more exposed to external threats and internal vulnerabilities.
According to the Australian Cybersecurity Centre Threat Report in 2017, the vast majority of reported cyber incidents affecting the Australian private sector were criminally motivated, typically for financial gain.
So, how do the Essential Eight Guidelines reduce our business’ exposure to cyber risk?
In 2017, the Australian Signals Directorate (ASD) for businesses and government created the Essential Eight guidelines. This is a prioritised list of mitigation strategies to assist organisations in protecting their systems against a range of adversaries. The strategies can be customised based on each organisation’s risk profile and the adversaries they are most concerned about.
It’s important to note that no single risk mitigation strategy is guaranteed to prevent a breach. Instead, it’s recommended that businesses take a multi-layered approach.
The ASD recommends that before implementing any of the mitigation strategies, organisations should perform the following activities:
- Identify which systems require protection
- Identify adversaries most likely to target your systems (e.g. cybercriminals or malicious insiders)
- Identify what level of protection is required
It is also recommended that these guidelines be implemented in consecutive order for maximum protection.
Mitigation strategies to prevent malware delivery and execution
1. Application whitelisting of approved/trusted programs to prevent unapproved/ malicious programs and installers.
2. Configure Microsoft Office macro settings to block macros from the Internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
3. Patch applications. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
4. User application hardening. Configure web browsers to block Flash (ideally uninstall it), ads and Java on the Internet. Disable unneeded features in Microsoft Office, web browsers and PDF viewers.
Mitigation strategies to limit the extent of cybersecurity incidents
5. Restrict administrative privileges to operating systems and applications based on user duties. Regularly re-validate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
6. Multi-factor identification including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important data repository.
7. Patch operating systems. Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don’t use unsupported versions.
Mitigation strategies to recover data and system availability
8. Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
How can we help?
While implementing the mitigation strategies can seem like a monumental task, Huon IT is available to help define, develop and implement an Essential Eight strategy that’s customised for your business.
Our Cybersecurity Maturity Program is a comprehensive IT advisory service to help executive & management teams ensure your organisation is cyber-smart.
For more information, get in touch with our cybersecurity experts on 1300 HUON IT (4866 48) or contact us.
Click on the image below to read the 10 IT Security Essentials for Australian Business.