The Essential Eight in Focus

Defending Australian businesses, one cyber strategy at a time.

In today’s digital age, cybersecurity has become a significant concern for Australian businesses, with more cybercrime incidents reported every year. In 2022, small businesses found themselves grappling with an average cost of $39,000 per cybercrime report, while medium-sized businesses faced an even heftier burden of $88,000. To support organisations in countering this problem, the Australian Cyber Security Centre (ACSC) has introduced the ‘Essential Eight’ cybersecurity framework.

As hinted in the name, the Essential Eight consists of eight key areas that can work together to create a defence against the ever-evolving landscape of cyber threats. The success of an organisation’s adoption of these strategies is assessed based on a maturity scale from 0 to 3. Ericom can help organisations choose a level of security that most fits their unique needs, as not all require level 3 maturity. Each strategy addresses a different area of cybersecurity, ensuring a comprehensive approach to safeguarding your digital assets.

Let’s have a look at them in detail:

Application control: Create a list of approved applications within your organisation’s network. Any software not on this list is automatically blocked, preventing potentially harmful applications from running. Application control is particularly effective against malware and unauthorised programs.

Patch applications: Regularly update software to fix any holes that cyber threats could exploit. Patching applications reduces the risk of attacks by ensuring that software is up-to-date with the latest security enhancements.

Configuring Microsoft Office macro settings: Malware can arrive through Microsoft Office macros. By configuring the Office macro settings, you can disable macros from running automatically or only allow vetted macros to run, making it harder for malware to infect your network.

User application hardening: Configure web browsers and other applications to block untrusted content, such as Flash, ads, and Java. By hardening applications, you can reduce the attack surface available to cyber threats.

Restricting administrative privileges: Only allow necessary personnel to have access to critical parts of the system. This minimises the potential damage if an account is taken over and limits the ability of malware to spread within the network.

Patching operating systems: Similar to patching applications, it’s crucial to regularly update your computer’s main operating systems. Updates often include patches for known vulnerabilities, making it harder for cyber threats to exploit the system.

Multi-factor authentication (MFA): Require users to provide two or more verification factors to access a resource. MFA makes it much harder for attackers to break in, even if they know a password.

Regular backups: Regularly backing up data ensures that your critical information can be recovered in the event of a cyber-attack or data loss. Backups should be performed frequently and tested regularly to ensure they work correctly.
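To make the Office macro strategy above concrete, here is an added example (not part of the original article and not Ericom's tooling) that audits an exported set of Office policy registry values for weak macro settings. The sample export is constructed, and treating only "disable all" or "signed macros only" as acceptable is an assumption drawn from the description above, not a statement of any maturity level's requirements.

```python
import re

# Constructed sample: a .reg-style export of Office policy keys (not real data).
SAMPLE_EXPORT = r"""
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Word\Security]
"VBAWarnings"=dword:00000004
"blockcontentexecutionfrominternet"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\Excel\Security]
"VBAWarnings"=dword:00000001

[HKEY_CURRENT_USER\Software\Policies\Microsoft\Office\16.0\PowerPoint\Security]
"VBAWarnings"=dword:00000003
"""
# Meaning of the VBAWarnings policy value in Office.
VBA_WARNINGS = {1: "enable all macros", 2: "disable with notification",
                3: "disable except digitally signed", 4: "disable without notification"}
ACCEPTED = {3, 4}  # assumption: macros off, or only signed (vetted) macros run
KEY_RE = re.compile(r"^\[.*\\Office\\[\d.]+\\(\w+)\\Security\]$", re.I)
VAL_RE = re.compile(r'^"(\w+)"=dword:([0-9a-fA-F]{8})$')

def parse_export(text):
    """Return {app: {value_name: int}} for each Office <app> Security policy key."""
    policy, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("["):
            key = KEY_RE.match(line)  # any other key resets the current section
            current = policy.setdefault(key.group(1).lower(), {}) if key else None
        elif current is not None and (val := VAL_RE.match(line)):
            current[val.group(1).lower()] = int(val.group(2), 16)
    return policy

def audit(text, apps=("Word", "Excel", "PowerPoint")):
    """Return (app, finding) pairs for macro settings weaker than ACCEPTED."""
    policy, findings = parse_export(text), []
    for app in apps:
        values = policy.get(app.lower(), {})
        vba = values.get("vbawarnings")
        if vba is None:
            findings.append((app, "VBAWarnings is not set by policy"))
        elif vba not in ACCEPTED:
            findings.append((app, f"VBAWarnings={vba} ({VBA_WARNINGS.get(vba, 'unknown')})"))
        if values.get("blockcontentexecutionfrominternet") != 1:
            findings.append((app, "macros in files from the internet are not blocked"))
    return findings

if __name__ == "__main__":
    for app, finding in audit(SAMPLE_EXPORT):
        print(f"{app}: {finding}")
```
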

At Ericom, we specialise in assisting our customers in harnessing the Essential Eight framework. Our expertise extends to conducting comprehensive audits, evaluating your organisation’s current Essential Eight maturity, and crafting a customised roadmap to enhance your cybersecurity network. Our end-to-end support ensures that your digital assets remain secure by validating your targeted Essential Eight maturity, providing peace of mind to your whole team.

The Essential Eight is a vital tool in today’s cybersecurity landscape, offering a proactive approach to safeguarding your digital assets. As cyber threats become increasingly advanced, there’s never been a more crucial time to grasp and employ the Essential Eight. Know where your organisation stands in the face of cyber threats by contacting us for an audit today!
