Digital transformation is one of the biggest trends reshaping how businesses operate today. The cloud, machine learning, and mobile devices make it easy for Australian organisations to cut costs and run more efficiently. However, such technologies can create unintended entry points that expose businesses to malware, phishing, and other cyberattacks.
Although there’s no all-in-one solution designed to mitigate every cybersecurity incident, the Australian Cyber Security Centre (ACSC) has developed eight strategies you can use to keep your business out of harm’s way.
Essential Eight 101
The ACSC Essential Eight maturity model provides practical guidelines for preventing malware delivery and execution, limiting unauthorised access to key systems, and ensuring data recovery and system availability. To help organisations measure their compliance with these strategies and decide the best course of action, the model defines three maturity levels.
- Maturity level one: Partly aligned with intent of mitigation strategy
- Maturity level two: Mostly aligned with intent of mitigation strategy
- Maturity level three: Fully aligned with intent of mitigation strategy
Those who suffer constant attacks and operate in high-risk environments, such as healthcare, may need additional guidance and services from security experts. However, regardless of the industry you’re in, your organisation should aspire to reach maturity level three for each mitigation strategy to defend against advanced threats and adversaries. Here’s how you can achieve this
Patch software
Hackers are constantly uncovering new software vulnerabilities to exploit, which is why it’s important to have a rigorous patch management strategy.
According to the ACSC, security vulnerabilities in software that are considered extreme risk (e.g., a software flaw that allows ransomware to spread) must be updated no more than 48 hours after a patch is released. Additionally, high-risk vulnerabilities should be secured within two weeks and moderate to low-risk bugs within one month. Any unsupported applications, like old versions of Microsoft Office, must also be replaced with the most recent versions.
To ensure compliance, you should implement an automated patch management system that tracks and applies software updates as soon as possible across your company.
Whitelist applications
Controlling which programs can run on the corporate network dramatically reduces your exposure to malware attacks. As such, IT administrators must whitelist only trusted programs, software libraries, scripts, and installers on active directory, servers, and all workstations.
Fortify user applications
Certain apps need extra protection even when they’re fully up to date. Web browsers, for example, have Flash plugins, Java scripts, and web advertisements that are popular malware delivery methods. Microsoft Office software also contains object linking and package embedding features that put your systems at risk. Do yourself a favour and disable these features right away.
Block Microsoft Office macros
Macros are a series of commands that automate various tasks. They can organise spreadsheets and format word documents, but they can also be programmed to run malicious code. The best way to protect yourself is to only enable macros with trusted certifications and block any in documents from unfamiliar sources.
Update operating systems
Similar to software applications, patches for operating systems like Windows 10 and macOS must be applied as soon as they’re released. If you’re using an outdated OS like Windows XP, you should upgrade immediately as developers don’t provide security fixes for products that have reached their end of life.
Restrict access privileges
Organisations should abide by the principle of least privilege, whereby employees are only given access to the IT assets they need to perform their roles. Those with administrative privileges should also be given extra confirmation steps, especially when it comes to accessing emails, web browsers, and files via online services. What’s more, everyone’s access privileges should be reviewed at least once a year. A centralised access management system helps you with all this.
Enable multifactor authentication (MFA)
MFA adds another layer of user verification on top of passwords to mitigate account hijacking. However, the ACSC recently stated that SMS messages, emails, and voice calls are no longer acceptable factors to reach level three maturity. Instead, you must use a combination of at least two of the following authentication methods: passwords with six or more characters, universal second-factor security keys, physical one-time password tokens, biometrics, and smartcards.
Back up your system
Preventing data loss requires you to back up your systems every day and to store multiple copies on a local drive, USB drive, and the cloud. Each backup should be retained for at least three months and recovery procedures should be tested annually or when you’ve made infrastructure changes. This way, your business can quickly get back on its feet after a cyber incident as if nothing happened.
If each strategy is implemented correctly, you’ll be able to avoid the crippling costs associated with responding to a major incident. Here at Empower IT Solutions, we have the tools, training services, and experts you require to achieve level three maturity. Call us today to make your business cyber resilient.
