Essential 8 Mitigations for Targeted Cyber Intrusions
The Australian Signals Directorate (ASD) has made mandatory the implementation of the Essential 8 strategies for mitigation of targeted cyber intrusions for Federal Government Agencies.
Until now it has been very difficult for an organisation to validate that it has sufficient security controls in place to secure its IT infrastructure in line with these requirements.
Introspectus provides an independent auditing capability that is separate from the organisation’s security enforcing products, providing assurance that an organisation’s security controls are in place for the Essential 8 mitigations, and are working.
ASD's Mitigation strategies to prevent malware delivery and execution *
Application Whitelisting
Prevent execution of unapproved/malicious programs, including .exe, DLL, scripts and installers by whitelisting approved/trusted programs.
Why: All non-approved applications (including malicious code) are prevented from executing.
Learn MoreApplication Patching
Patch/mitigate computers with extreme risk vulnerabilities within 48 hours by using the latest version of applications. e.g. Flash and web browsers.
Why: Security vulnerabilities in applications can be used to execute malicious code on systems.
Learn MoreMicrosoft Office Macros
Configure settings to block macros from the Internet, and only allow vetted macros either in trusted locations with limited write access or digitally signed with a trusted certificate.
Why: Microsoft Office macros can be used to deliver and execute malicious code on systems.
Learn MoreUser Application Hardening
Configure web browsers to block Flash, ads and Java on the Internet. Disable unneeded features in Microsoft Office, web browsers and PDF viewers.
Why: Flash, ads and Java are popular ways to deliver and execute malicious code on systems.
Learn MoreASD's Mitigation strategies to limit the extent of cyber security Incidents *
Restrict Administrative Privileges
Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don't use privileged accounts for reading email and web browsing.
Why: Admin accounts are the keys to the kingdom. Adversaries use these accounts to gain full access to information and systems.
Learn MorePatch Operating Systems
Patch/mitigate computers with extreme risk vulnerabilities within 48 hours by using the latest supported operating system version.
Why: Security vulnerabilities in operating systems can be used to further the compromise of systems.
Learn MoreMulti-Factor Authentication
Implement multi-factor authentication, including for all remote accesses, and for all users when they perform a privileged action or access an important data repository.
Why: Stronger user authentication makes it harder for adversaries to access sensitive information and systems.
Learn MoreASD's Mitigation strategies to recover data and system availability *
Daily Backups
Perform daily backupts of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
Why: To ensure information can be accessed again following a cyber security Incident (e.g. after a successful ransomware Incident).
Learn More
Useful Links
Fyshwick ACT 2609
Phone: (02) 6163 2400
Fax: (02) 6163 2402
Email: info@mbits.com.au
Introspectus
Designed and built by INTROSPECTUS Pty Ltd.