The Essential Eight cyber security model: How do you measure up?

29Nov

The Essential Eight cyber security model: How do you measure up?

By Cybersecurity Alerts, eNewsletter, IT Security, News & Updates , , 0 Comments

It feels like we watch cyber attacks become more sophisticated every day. Within my team, we have received emails that looked similar to legitimate company communications until we saw the sender’s address. Cyber criminals have applied the same level of sophistication to covert methods only detectable with technology.

As our workplaces become digital ecosystems full of data, the breadth of opportunities for cyber criminals to exploit vulnerabilities becomes even wider.

When protecting your organisation from cyber threats has become a necessity, how can you determine the strength of your cyber security posture?

A good place to start is by evaluating your organisation against the Essential Eight cyber security model. 

What the Essential Eight cyber security model includes

The Australian Cyber Security Centre (ACSC) released the Essential Eight Maturity Model in 2015 to provide organisations with a framework for protecting their data and systems from cyber attacks. It consists of eight core protections businesses should implement to reduce their risks of experiencing an attack:

  1. Application control
  2. Patch applications
  3. Configure Microsoft Office macro settings
  4. User application hardening
  5. Restrict administrative privileges
  6. Patch operating systems
  7. Multi-factor authentication (MFA)
  8. Regular backups

What requirements might you already meet?

Many organisations rarely meet the higher maturity levels when they begin looking into the Essential Eight. You might have very few security measures in place. Or, you have strong cyber security in specific areas such as asset management but lack the necessary solutions for incident management.

In this case, you will need to focus on strengthening specific areas of your cyber security. 

How the Essential Eight maturity model ranks your maturity

You might feel unsure about how you measure up regarding Essential Eight. As most businesses do not have a high maturity level when they start, they may also be unaware of potential vulnerabilities open to sophisticated attacks.

By understanding how Essential Eight ranks your company’s cyber security, you can take steps to improve your posture and protect your business from potential threats.

The Essential Eight cyber security model provides a comprehensive picture of your current posture by placing it within one of four maturity levels:

  • Level 0 indicates vulnerabilities across your entire organisation. If an attacker exploits these vulnerabilities, they may compromise your data and systems.
  • Level 1 aims to guard against attackers seeking to opportunistically exploit any and every organisation through publicly available internet platforms. For example, sending out ‘spray and pray’ phishing attacks hoping to gain access to a system and launch malicious applications or tamper with data.
  • Level 2 protects against attackers spending concentrated efforts on a target. They may attempt to get around the security of specific targets and evade detection by gathering details through phishing emails that look convincingly similar to company emails. They may focus more time exploiting accounts with privileged access but will not pour too much time into a target.
  • Level 3 aims to protect from attackers who exploit vulnerabilities in old hardware or software and avoid detection when accessing your systems. Such attackers often focus on specific targets and leverage techniques outside of publicly accessible platforms. To continue the phishing email example: these attackers will socially engineer someone to click on a link and then may continue manipulating them for information on bypassing security undetected.

Each of these levels focuses on different types of cyber security threats. The higher the number, the more protection you have against sophisticated attacks.

A managed security services provider (MSSP) can evaluate your software and systems to find these vulnerabilities. From there, they can place your organisation within one of the four maturity levels and highlight what you need to improve your cyber security posture.

 

The Essential Eight’s threat reduction strategies

Once you have established your maturity level and the vulnerabilities within your organisation, you need to address them with the Essential Eight.

It is pertinent to note that each of these categories requires you to meet specific criteria before reaching a maturity level in that area. For example, application control at maturity level one blocks actions within apps, but you need to implement Microsoft’s recommended block rules to achieve maturity level three.

So, the summary of the strategies below merely describes the general safeguards they cover and not the specific requirements to meet each maturity level.

The eight strategies covered in the cyber security model include:

  1. Application control restricts the actions someone can execute in a users’ application. It especially prevents workstations from running software libraries, scripts, application installers, HTML applications, etc.\
  2. Application patching includes the time to patch vulnerabilities in third-party applications. After an application updates, you need to patch it within two weeks or 48 hours if it has a known vulnerability. You need a vulnerability scanner to detect missed patches or potential issues.
  3. Configure Microsoft Office macro settings to prevent anyone without a demonstrated business requirement from accessing macros. Macros are commands grouped to complete a task automatically. Your cyber security solution should block macros in files from the internet, prevent users from changing security settings and leverage antivirus scanning.
  4. User application hardening tightens the capabilities of web browsers so they cannot process Java or web advertisements from the internet, and users cannot change the security settings.
  5. Restricting administrative privileges ensures that people with privileged access use different operating environments from unprivileged users. Administrators need to have a permission request validated before accessing these environments.
  6. Patch operating systems to ensure they remain updated. You should do this within two weeks of the update or 48 hours if the operating system has a known vulnerability. Like application patching, you need regular vulnerability scanning to identify potential issues within the operating system.
  7. Multi-Factor Authentication (MFA) will need to be leveraged by all end-users to guard against security breaches such as brute force attacks. All internet-facing services that store and access sensitive information need MFA enabled.
  8. Regular backups ensure that you can access your systems and data in the event of a cyber security attack. You need to test your backup systems and environments to ensure they meet your disaster recovery needs. Unprivileged accounts can only access their own backups and cannot delete data.

 

How Alliance Business Technologies secures your business

We build systems designed to protect your critical assets. We increase business resilience, provide real-time threat intelligence, and help create a robust cyber security culture.

Our advisory services can help you pinpoint your risks and provide visibility of your cyber security posture. We can implement monitoring systems to notify you of potential threats and provide solutions before they cause damage to your organisation. Finally, we can provide your employees with training to recognise threats, protecting themselves and the business.

Visit our IT Security page for more on how we protect your business, your customers, and their data.

Article used with permission from Centorrino Technologies.

Share this post

Author

Related Posts

15Apr

Announcement: We are now ISO27001 certified!

We are thrilled to announce that our company has achieved a significant... read more

20Dec

What Is Microsoft Sales Copilot & What Does It Do?

The use of AI-driven processes is exploding. Every time you turn around,... read more

26Nov

Dealing with Business Impersonation Scams

In the ever-evolving business landscape, so do the shadows of potential scams;... read more

25Nov

Unmasking Microsoft Impersonation Scams: A Guide to Stay Safe Online

Scams have become an unfortunate reality that continues to grow very quickly.... read more

24Nov

Unveiling the Scam Landscape: Tips to Protect Yourself Online

On 30 September 2023, Scamwatch received a total of 234,672 reports with... read more

01Sep

Cloud migrations: the Ingram Micro partnership in a Case Study

Last May, Alliance Business Technologies won the Ingram Micro’s Cloud Growth Partner... read more

25Jul

Securing Digital Identity: Enabling Passwordless MFA

In our continuous effort to enhance the security and convenience of connecting... read more

27Jun

Microsoft Edge for Business: Empowering Productivity in a Dedicated Work Environment

To fully realize Microsoft's commitment to delivering the finest browser for business... read more

26Jun

Securing Digital Identity: The Significance of Passwordless Authentication

In the realm of digital identity security, passwordless authentication plays a pivotal... read more

23Jun

How to Create Insightful Dashboards in Microsoft Power BI

Data visualization is a powerful tool for communicating complex data. It presents... read more