2022 was a challenging year for Australia on the cybersecurity front, with several high-profile incidents putting the spotlight on our lack of cybersecurity awareness. The far-reaching Optus cybersecurity breach highlighted several of Australia’s weaknesses in the cyber arena,1 and the Medibank data breach truly hammered home the point that more must be done to shore up Australian companies’ cyber defences.2
Cyberattacks on Australian organisations are also becoming more common. In March, Tech Wire Asia3 wrote about several notable recent security breaches – including unauthorised access to IPH’s IT environment as recently as 13 March 2023 – and noted that cybersecurity remains an ongoing concern in Australia. Organisations that suffer data breaches often incur huge reputational damage and loss of client confidence; they may also have to pay hefty fines and may even be at risk of class-action lawsuits from clients.
While it may be impossible to establish an impenetrable cyber defence, organisations must try their best to mitigate cybersecurity risks and make themselves a more elusive target to discourage bad actors. This is where the Australian Cyber Security Centre (ACSC) can assist in providing guidance for a cybersecurity framework.
The ACSC has introduced the Essential Eight – eight mitigation strategies that help Australian organisations reduce the risks associated with cyber threats and protect valuable information assets. It serves as a baseline for organisations to build a robust cybersecurity posture and has become a go-to resource for businesses looking to reduce the risk of compromise and data breaches (ACSC, 2021).
While the Essential Eight provides guidance and structure to help businesses improve their cybersecurity, it can be challenging to weave it into your existing IT infrastructure. So, what do you need to know?
Applying the Essential Eight framework
As organisations work towards implementing a mitigation strategy, the eight key areas of focus that the Essential Eight covers are:
Application control
This is a security approach designed to protect against malicious code (also known as malware) executing on systems. When implemented, it ensures only approved applications can be executed. While it is primarily designed to prevent the execution and spread of malicious code, it can also prevent the installation or use of unapproved applications.
Patch applications
Unpatched applications are often exposed to security vulnerabilities. Regularly updating and patching applications, especially those with known security vulnerabilities, can significantly reduce the risk of exploitation by cybercriminals.
Configure Microsoft Office macro settings
Unauthorised macro use may enable malicious code to gain a foothold, compromising the organisation’s cybersecurity. Therefore, disabling macros in Office documents can prevent the execution of malicious code embedded in documents.
User application hardening
The prevalence of malicious advertising (malvertising) has created the need to uninstall Adobe Flash and disable Microsoft Office OLE (object linking and embedding) packages. Restricting the functionality of applications, such as disabling web browser plugins, can minimise the attack surface available to cybercriminals.
Restrict administrative privileges
Administrative privileges for operating systems and applications should be restricted based on user duties. Privileged accounts should not be used for reading emails and web browsing, and organisations should regularly revalidate their list of privileged accounts. Limiting the number of users with administrative access and regularly reviewing their privileges can reduce the risk of unauthorised access to sensitive systems and data.
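One way to check the two points above in practice, shown as an added example that is not from Experteq or the ACSC: it flags privileged accounts that launched a web browser or mail client and lists accounts overdue for revalidation. The account names, log records, process image names and the 365-day interval are all constructed assumptions.

```python
import csv
import io
from datetime import date

# Constructed inventory: privileged account -> date it was last revalidated.
PRIVILEGED = {
    "adm-jsmith": date(2023, 1, 10),
    "adm-lchen": date(2021, 11, 2),
    "svc-backup": date(2022, 9, 30),
}

# Assumed image names for web browsers and mail clients; adjust to the local fleet.
WEB_MAIL_IMAGES = {"chrome.exe", "msedge.exe", "firefox.exe", "outlook.exe"}

# Constructed process-creation records: timestamp, host, user, image.
SAMPLE_LOG = """\
2023-03-20T09:14:02,WS-014,jsmith,outlook.exe
2023-03-20T09:15:40,WS-014,adm-jsmith,mmc.exe
2023-03-20T10:02:11,SRV-DC1,adm-lchen,msedge.exe
2023-03-20T10:30:00,SRV-FS2,svc-backup,robocopy.exe
2023-03-21T08:45:19,WS-022,ADM-JSmith,Chrome.exe
"""


def privileged_web_mail_use(log_text, privileged=PRIVILEGED):
    """Return (timestamp, host, account, image) for each privileged
    account that started a browser or mail client."""
    hits = []
    for ts, host, user, image in csv.reader(io.StringIO(log_text)):
        account = user.strip().lower()  # Windows account names are case-insensitive
        image = image.strip().lower()
        if account in privileged and image in WEB_MAIL_IMAGES:
            hits.append((ts, host, account, image))
    return hits


def overdue_revalidation(today, max_age_days=365, privileged=PRIVILEGED):
    """Return privileged accounts last revalidated more than
    max_age_days ago (the interval is an assumption, not an ACSC figure)."""
    return sorted(a for a, checked in privileged.items()
                  if (today - checked).days > max_age_days)


if __name__ == "__main__":
    for hit in privileged_web_mail_use(SAMPLE_LOG):
        print("privileged account used for web/email:", *hit)
    print("overdue for revalidation:", overdue_revalidation(date(2023, 3, 21)))
```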
Patch operating systems
By keeping your organisation’s devices patched and up to date, you can improve performance by resolving known bugs and prevent downtime. Many network breaches can also be traced back to unpatched operating systems, making it imperative for organisations to keep to a regular patch schedule.
Multi-factor authentication
Implementing multi-factor authentication for critical systems and remote access can provide an additional layer of security, making it more difficult for unauthorised individuals to gain access.
Regular backups
Regularly backing up critical data ensures resilience against both operational and security incidents. Backups are a core function of all BC-DR (Business Continuity and Disaster Recovery) plans.
Maturity level and your organisation
Assessments against the Essential Eight are conducted using the Essential Eight Maturity Model. This maturity model describes three target maturity levels (Maturity Level One through to Maturity Level Three) which are based on mitigating increasing levels of adversary targeting and tradecraft. The maturity model also includes Maturity Level Zero, which captures instances in which the requirements of Maturity Level One are not met.
At Experteq, we understand that organisations’ risk profiles differ from one company to the next (in size, complexity, and industry) and we are able to provide tailored assessments, recommendations, and implementation to minimise and mitigate risks.
If you’re looking to beef up your organisation’s cybersecurity to stay competitive in today’s fast-paced business environment, the Essential Eight framework is a great place to start as it provides robust recommendations and an easy-to-implement action plan that will strengthen your cybersecurity posture.
As mentioned earlier, cybersecurity breaches can be extremely costly, and any resulting damage – especially reputational – can be widespread and long-lasting. Therefore, it makes good business sense to invest more in cybersecurity to minimise and mitigate such attacks as much as possible.
As your trusted IT partner, Experteq can help you mitigate cybersecurity risk and guard against cybersecurity threats in this rapidly evolving threat landscape. Find out more about what Experteq offers here.