
Understanding the Essential Eight Framework for Cybersecurity


Cyber-attacks have been reported all over the world, as the fight to secure the digital space from threat actors continues. Governments, corporations, academic institutions and even individuals can all be targeted, and sometimes exploited, through cyber-attacks and espionage, so cybersecurity is more important than ever.

The Australian Cyber Security Centre (ACSC) has set up a baseline framework called “The Essential Eight” that helps all types of organisations in Australia to secure their assets from cyber-attacks. The framework focuses on three areas:

  1. Preventing Malware Delivery and Execution
  2. Limiting the Extent of Cyber Security Incidents
  3. Recovering Data and System Availability

Preventing Malware Delivery and Execution involves hardening the software that organisations use on a daily basis.

Mitigation Strategies to Prevent Malware Delivery and Execution

  • Application control to prevent execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers.
    Why: All non-approved applications (including malicious code) are prevented from executing.
  • Configure Microsoft Office macro settings to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
    Why: Microsoft Office macros can be used to deliver and execute malicious code on systems.
  • Patch applications, e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
    Why: Security vulnerabilities in applications can be used to execute malicious code on systems.
  • User application hardening. Configure web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable features that are not required in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
    Why: Flash, ads and Java are popular ways to deliver and execute malicious code on systems.

These measures will enable businesses to operate their system knowing that it will be secure. However, this first stage by itself is not enough to secure assets fully from cyber-attack.

Mitigation Strategies to Limit the Extent of Cyber Security Incidents

  • Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
    Why: Admin accounts are the ‘keys to the kingdom’. Adversaries use these accounts to gain full access to information and systems.
  • Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.
    Why: Stronger user authentication makes it harder for adversaries to access sensitive information and systems.
  • Patch operating systems. Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don’t use unsupported versions.
    Why: Security vulnerabilities in operating systems can be used to further the compromise of systems.

Developing strategies that limit the extent of cybersecurity incidents will help organisations to quickly react to cyber incidents and contain the threat before it grows and causes more damage to the system.

The third area of focus in the Essential Eight framework is strategies for recovery of data and system availability.

Mitigation Strategies to Recover Data and System Availability

  • Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
    Why: To ensure information can be accessed following a cyber security incident (e.g. a ransomware incident).
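
An added example (not from the original article or the ACSC): a Python check of a backup catalogue against the strategy above, covering daily cadence, disconnected storage, three-month retention and restore testing. The catalogue layout, the dates and the reading of "three months" as 90 days are assumptions made for this example.

```python
from datetime import date, timedelta

# Constructed backup catalogue: (backup date, stored disconnected?)
CATALOGUE = [(date(2022, 1, 1) + timedelta(days=i), True) for i in range(100)]
CATALOGUE.remove((date(2022, 3, 15), True))      # a missed daily run
CATALOGUE[-1] = (CATALOGUE[-1][0], False)        # latest copy left online

# Constructed history of restore tests and infrastructure changes.
RESTORE_TESTS = [date(2021, 2, 1)]
INFRA_CHANGES = [date(2022, 2, 20)]

def check_backups(catalogue, restore_tests, infra_changes, today):
    """Return a list of findings against the backup strategy."""
    findings = []
    days = {d for d, _ in catalogue}
    window_start = today - timedelta(days=90)    # assumption: three months = 90 days
    # Retention: the oldest retained backup must reach back three months.
    if min(days, default=today) > window_start:
        findings.append("retention shorter than three months")
    # Cadence: every day in the retention window needs a backup.
    expected = {window_start + timedelta(days=i) for i in range(91)}
    for missing in sorted(expected - days):
        findings.append(f"no backup for {missing}")
    # Storage: each copy must be disconnected from the network.
    for d, offline in catalogue:
        if not offline:
            findings.append(f"backup of {d} is not stored disconnected")
    # Restore testing: initially, annually, and after infrastructure changes.
    last_test = max(restore_tests, default=None)
    if last_test is None:
        findings.append("restoration never tested")
    else:
        if today - last_test > timedelta(days=365):
            findings.append("no restore test in the past year")
        if any(change > last_test for change in infra_changes):
            findings.append("no restore test since last infrastructure change")
    return findings

if __name__ == "__main__":
    for f in check_backups(CATALOGUE, RESTORE_TESTS, INFRA_CHANGES, date(2022, 4, 10)):
        print(f)
```
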

Without proper backups, recovering from a cyber-attack or incident can be difficult: data that was stolen or corrupted cannot be restored to its original state, and cybersecurity will be compromised.

The Essential Eight framework has three components working in synergy to provide a solid foundation for holistically securing the organisation’s systems, while also preparing the organisation to respond to incidents or breaches in its cybersecurity.

Contact us for more information on how to keep your business secure.

Author: Saeed Baayoun, Agilient Consultant
