The Essential Eight: assess your Cyber Security compliance

How do you ensure your organisation is flexible and responsive to cyber attacks? 

Have you put strategies in place to ensure that you are not only protecting against cyber attacks but also reducing your exposure to risks and learning from incidents, whether they be intentional or unintentional?   

Do you have checks and measures in place to ensure continuous reporting of your cyber resilience?

The Australian Cyber Security Centre (ACSC), has developed a set of strategies known as the Essential Eight.  The ACSC are the lead agency of cyber security, and constantly evolve to keep pace with countering cyber criminal activity as it too evolves. This set of prioritised mitigation strategies cut through the thousands of strategies that have been published to deal with cyber security and focus attention on a set of strategies that should be implemented as a baseline – an ‘Essential Eight.’ 

“implementing the Essential Eight pro-actively can be most cost-effective in terms of time, money and effort [rather] than having to respond to a large-scale cyber security incident” 

https://www.cyber.gov.au/advice/how-to-mitigate-cyber-security-incidents

The Essential Eight is a great way to establish the foundations of a cyber security framework.  Developed in Australia, the framework has been designed to provide technical guidance in improving an organisation’s cyber security maturity, providing mitigation strategies to:

  • prevent malware delivery and execution

1. Application whitelisting

2. Patching applications

3. Office macros

4. Harden user applications

  • limit the extent of cyber security incidents

5. Restricting administrative privilege

6. Patching operating systems

7. Multi-factor authentication

  • recover data and system availability

8. Backup daily

The Essential Eight Assessment is available as part of Service Improvement Manager’s (SIM) Information and Cyber Security library bundle.  It contains all the questions / controls required to assess compliance, saving organisations significant time and effort in getting started with their cyber security initiatives.

SIM takes this one step further by not only providing the tools to complete a gap analysis, but also enables users to build an improvement plan to ensure that cyber security compliance is improved and then monitored on an ongoing basis.  

Ensure your organisation is cyber resilient by being able to continuously deliver despite adverse cyber events…get started today!

 

For further information on the Essential Eight, visit https://www.cyber.gov.au/node/162

 

Join our mailing list to get the latest news sent straight to your inbox!