In 2017, The Australian Cyber Security Centre (ACSC) released eight essential strategies to prevent malware delivery, limit the impact of cybersecurity attacks and improve recovery.
The Essential Eight maturity model became available in July 2021 and uses a scoring system from 0-3 to help businesses identify their security posture.
The Essential Eight are designed to protect windows-based networks and outline a minimum level of preventative measures. Though there is no requirement for an organisation to be “Essential Eight Certified”, the Essential Eight are considered by the ACSC as the most effective strategies for limiting the impact of cyber security incidents, and hence are an excellent way to ensure the cyber-resiliency of your organisation’s mission.
The mitigation strategies that constitute the Essential Eight are:
- Application control
- Patch applications
- Configure Microsoft Office macro settings
- User application hardening
- Restrict administrative privileges
- Patch operating systems
- Multi-factor authentication
- Regular backups
The Essential Eight are a set of risk-based strategies and represent the most impactful and cost-effective steps. Maturity levels range for Maturity 0 though to Maturity 3 with the levels designed to build upon the lower levels and fit your risk profile – while Level 1 indicates an overall comprehensive coverage to protect against common attacks, Level 2 and 3 add resiliency against custom, targeted attacks. It’s recommended that each level is achieved in full across the Eight strategies before considering higher levels – to use a building analogy it’s better to complete a floor, before starting on a new storey.
Contact Calibre One to book and Essential Eight Assessment with one of our qualified Cyber Security experts today.