Home Security ASD says eight cyber security steps are better

The Australian Signals Directorate (ASD) has developed eight cyber security steps that business, enterprise and government should take to help protect themselves against cyber attacks.

This is up from its previous four — application whitelisting, patching applications, patching operating system vulnerabilities, and restricting administrative privileges — and has been called the “essential eight”. As yet these have not been included in the protective security policy framework (PSPF) mandate and will be available on the ASD website shortly.

It says that while the essential four will prevent 85% of cyber attacks and were mandatory for all Australian Government use since 2013, the extra precautions are a result of developments since then.

ASD says these are the essential eight and there are many more steps that could be taken. A range of publications are available on its website.

The measures organisations should now take are:

  1. Application whitelisting to allow only approved software applications to run on computers.
  2. Patch applications to fix security vulnerabilities in software.
  3. Disable untrusted Microsoft Office macros which could be used to enable the download of malware onto computer systems.
  4. User application hardening that blocks Web browser access to Adobe Flash player, Web advertisements and untrusted Java code.
  5. Restrict administrator privileges for managing systems and installing software and patches to only users who absolutely need them.
  6. Patch operating systems to fix vulnerabilities.
  7. Use multi-factor authentication to make it harder for third parties to access information.
  8. Back-up important data daily so information can be quickly recovered in the event of a cyber security incident.

The ASD states, “Once the essential eight mitigation strategies have been correctly implemented, baseline cyber security posture has been achieved. This baseline makes it much harder for adversaries to compromise systems."

"While no single mitigation strategy is guaranteed to prevent cyber security incidents, ASD recommends organisations implement a package of eight essential strategies as a baseline,” it added.

HOW TOP MANAGERS MOTIVATE, ENERGISE EMPLOYEES

Download an in-depth guide to managing a healthy, motivated and energetic workforce without breaking the bank.

DOWNLOAD NOW!

Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

 

 

 

 

Connect

Join the iTWire Community and be part of the latest news, invites to exclusive events, whitepapers and educational materials and oppertunities.
Why do I want to receive this daily update?
  • The latest features from iTWire
  • Free whitepaper downloads
  • Industry opportunities