The rise in cyber attacks among government agencies, companies and contractors calls for a need to prevent the compromise of sensitive data or stolen personally identifiable information (PII) data.
The growing sophistication in attacks make it more and more difficult to safeguard the federal government’s assets and its critical cyber infrastructure.
The Australian Cyber Security Centre (ACSC) of the Australian Signals Directorate (ASD) has published a framework to help agencies understand risk mitigation strategies.
Known as the Essential Eight, the document provides guidance on how to boost the security posture and respond to cybersecurity incidents (1).
The Essential Eight baseline mitigation strategies include;
1. Use application control to prevent the execution of malicious programs.
2. Patch applications and use the latest versions of applications.
3. Configure Microsoft Office macro setting to block macros from the internet and only allow vetted macros.
4. Implement user application hardening, including configuring web browsers and disabling unneeded application features.
5. Restrict administrative privileges to operating systems and applications based on user duties.
6. Patch operating systems and use the latest version of the operating system.
7. Set up multi-factor authentication for all users when they perform a privileged action or access an important data repository.
8. Set up and perform regular backups of important new/changed data, software and configuration settings.
Find out more at here….