The Australian Cyber Security Centre (ACSC) has built a maturity framework around a series of eight mitigation strategies that significantly reduce the likelihood and impact of a security breach.
The maturity framework allows organisations to judge the level they wish to achieve based on their risk appetite and desirability to adversaries.
ASI works with customers in developing their essential eight environments. From assessment, build, maintenance and compliance – ASI has the skills to take you on your Essential Eight journey.
Start protecting your organisation today with ASI Solutions’ Essential Eight program and rest assured that your business is taking all the necessary steps to protect itself from the risks of cybercrime.
Get started with the Essential Eight within your business
Thank you for your submission, we'll be in contact with you soon.
Ransomware attacks have risen by 62% worldwide and Australians have lost over $851 million to scams
Essential Eight educates your employees to identify and respond appropriately to cybersecurity threats.
Increasing responsibilities for Directors
Corporations Act
Responsible for care, due diligence and managing risk.
Privacy Act
3 million “reasonable” steps to protect personal information.
Mandatory Data Breach Notification
Significant fines for failure to protect information relating to individuals
Australian Consumer Law ACCC now has the power to act against businesses regarding poor cyber practices.
WHAT IS INCLUDED IN THE ESSENTIAL EIGHT?
Application Control
Protect against untrusted, unwanted or malicious code (also known as malware) executing on systems.
Application Patching
Patches, updates or vendor mitigations for security vulnerabilities in internet-facing services are applied.
Microsoft Macro Configuration
Microsoft Office macros, potentially carrying malicious VBA code, are disabled for users and files from the internet are blocked.
User Application Hardening
Web browser, Microsoft Office and PDF software are stopped from processing, injecting code, running child processes and executable content.
Restricting Admin Privileges
Requests for privileged access to systems and applications with a demonstrated business requirement.
Multi-factor Authentication
Uses two or more identity factors to establish an individual's identity such as a password, PIN, token or fingerprint recognition.
Regular Backups
Backups of important data, software and configuration settings.
Patch Operating Systems
Patches, updates or vendor mitigations for security vulnerabilities in operating systems of internet-facing services.
ASI Essential Eight Outcomes
Decreased risk
Know that by applying the essential eight to your environment should decrease the likelihood and impact of a security incident.
Decreased Cost
By applying these controls, you’re likely to have reduced the financial impacts if a breach were to occur.
Increased customer confidence
Your customers and partners will have confidence dealing with an organisation who is using essential eight.
MORE RESOURCES
See how ASI Solutions cyber security services could support your business
News
March 13, 2023
ASI Solutions’ Zach Amos awarded Sophos Alpha Elite status