Threats to your cyber security today are both persistent and constantly evolving. Although access to technologies like social media, online banking and internet-based government services is generally positive for businesses, the use of such technology inevitably opens us up to a range of online security obstacles. This is substantiated by the Australian Government’s most recent Cyber Security Review, with cybercrime reported as costing the Australian economy an astounding $1 billion annually.
Does this mean you should stop using your online luxuries and revert to caveman-like technology? Not at all. It simply means that you need to remain cyber-aware and employ the right mitigation strategies in responding to incidents caused by various cyber threats. That’s where the Essential 8 comes in.
The Essential 8 explained
Although there’s no singular proven ‘best method’ that’s guaranteed to prevent attacks on cyber security, the Australian Cyber Security Centre (ACSC) recommends that organisations implement eight key mitigation strategies as an essential starting point.
This starting point works by virtually setting up 8 essential “hurdles”, to make it harder for people or organisations with malicious intent to compromise your systems. If implemented proactively, these mitigation methods can also lead to businesses being more cost-effective in terms of time, money and effort, that otherwise would be spent on responding to cyber security incidents.
Before diving headfirst into employing these strategies, consider doing the following for your organisation:
- Identify which of your systems might need important protection. Which systems store, process or communicate any sensitive or important private information?
- If possible, consider adversaries that may be likely to attack your systems. This could be an interested nation-state, cyber criminals or even an insider with ill-intent.
- Identify which level of protection you may need.
When it comes to building strong cyber security practices for yourself and your business, no two organisations are exactly the same. Each may give a different weighting to the importance of protecting different information and systems, and each may face different adversaries and specifically identified online threats. By considering these 3 points first, you’re more likely to have success in employing the Essential 8 as a next step.
What are the Essential 8?
- Application Whitelisting: As the word suggests, whitelisting is the opposite of “blacklisting”. This means that you allow identified entities a certain privilege, service or access. In this instance, it’s recommended that you whitelist trusted programs to deter and stop the execution of any malicious programs.
- Patch applications: “Patching” simply means applying a set of changes to programs, computers or data to update them, fix bugs or improve security issues, for computers identified as being “high risk”. It’s best to update every 48 hours to best secure these computers. Applications to consider applying this strategy to include Flash, web browsers, Microsoft Office, Java and PDF viewers.
- Configure Microsoft Office: Ever received that age-old virus warning or request to run macros when sharing files or downloading an Excel file from the internet? Macros are essentially shortcuts set up and attached to an application, to help automate repeated tasks within that application or file. The catch is that certain viruses can present as macros when you’re downloading a document from the internet or file sharing. Ensure you only ever run a macro if it has been created internally or accurately vetted as being from a trusted source.
- User application hardening: Ensure your web browsers block or, ideally, wholly uninstall Flash, ads and Java on the internet. Additionally, disable features in Microsoft Office (e.g. OLE), web browsers and PDF viewers, if possible. Each of these features is a popular way for cyber criminals to gain access to and attack your systems.
- Restrict administrative privileges: Admin accounts are essentially the “keys to the kingdom”, so it’s best to restrict these privileges so that the only people who have access (A) absolutely need it and (B) are 100% trusted within your organisation. Other access and privileges to operating systems should only be allowed based upon individual duties, and should be regularly updated. By restricting access, adversaries will be less likely to find and gain full access to your information and systems.
- Patch operating systems: As with your applications, operating systems on “extreme risk” devices should be patched. Always use the latest version of your operating systems and never use unsupported versions.
- Add multi-factor authentication: It should come as no surprise that stronger authentication makes it harder for hackers and adversaries to access your systems or sensitive information. This should be included for all VPNs, RDP, SSH or other remote access, and for all users when they perform any privileged actions or access important data.
- Daily backups: Always regularly back up any important new or changed information, data, software and configuration settings. Ensure these backups are stored disconnected and retained for at least three months. Test that restoration works using these backups initially, annually and whenever your IT infrastructure is updated. This will ensure all information can be accessed should you need to recover data in the instance of a cyber security attack.
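The backup rules in the last item can be checked automatically against a backup inventory. The following is an added example, not part of the original article or any ACSC tooling; the names `Backup`, `audit_backups`, `last_restore_test` and `last_infra_change` are hypothetical, and treating “three months” as 90 days is an assumption.

```python
from dataclasses import dataclass
from datetime import date, timedelta

# Thresholds taken from the backup item above; 90 days for "three months" is an assumption.
MAX_GAP = timedelta(days=1)             # daily backups
RETENTION = timedelta(days=90)          # retained for at least three months
RESTORE_INTERVAL = timedelta(days=365)  # restoration tested annually

@dataclass
class Backup:
    taken: date
    offline: bool  # True if the copy is stored disconnected

def audit_backups(backups, last_restore_test, last_infra_change, today):
    """Return a list of findings; an empty list means every rule is met."""
    if not backups:
        return ["no backups recorded"]
    findings = []
    days = sorted(b.taken for b in backups)
    if today - days[-1] > MAX_GAP:
        findings.append("latest backup is more than a day old")
    if any(later - earlier > MAX_GAP for earlier, later in zip(days, days[1:])):
        findings.append("gap of more than a day between backups")
    if today - days[0] < RETENTION:
        findings.append("less than three months of backups retained")
    online = sum(1 for b in backups if not b.offline)
    if online:
        findings.append(f"{online} backup(s) not stored disconnected")
    if last_restore_test is None:
        findings.append("restoration has never been tested")
    else:
        if today - last_restore_test > RESTORE_INTERVAL:
            findings.append("last restore test is more than a year old")
        if last_infra_change and last_restore_test < last_infra_change:
            findings.append("no restore test since the last infrastructure change")
    return findings

# Constructed sample inventories (not real data).
TODAY = date(2024, 6, 30)
GOOD = [Backup(TODAY - timedelta(days=n), offline=True) for n in range(100)]
BAD = [Backup(TODAY - timedelta(days=n), offline=(n != 3)) for n in range(2, 40) if n != 10]

if __name__ == "__main__":
    print(audit_backups(GOOD, date(2024, 5, 1), date(2024, 4, 1), TODAY))
    for finding in audit_backups(BAD, date(2023, 1, 15), date(2024, 4, 1), TODAY):
        print("-", finding)
```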
Ask for assistance
We understand that ensuring you’re cyber secure and not left vulnerable in today’s interconnected world can be both a complicated and confusing task. To discover more about the Essential 8 and how you can best protect any information available in your organisation’s systems, be sure to check out the Australian Government Information Security Manual (ISM).
More importantly, know that you aren’t alone – we’re here to assist you year-round. For further help in understanding how the Essential 8 applies to your systems and processes or for specific assistance in setting up your organisation’s cyber security systems and relevant mitigation strategies, contact us.