Home Security ASD says eight cyber security steps are better

ASD says eight cyber security steps are better

The Australian Signals Directorate (ASD) has developed eight cyber security steps that business, enterprise and government should take to help protect themselves against cyber attacks.

This is up from its previous four — application whitelisting, patching applications, patching operating system vulnerabilities, and restricting administrative privileges — and has been called the “essential eight”. As yet these have not been included in the protective security policy framework (PSPF) mandate and will be available on the ASD website shortly.

It says that while the essential four will prevent 85% of cyber attacks and were mandatory for all Australian Government use since 2013, the extra precautions are a result of developments since then.

ASD says these are the essential eight and there are many more steps that could be taken. A range of publications are available on its website.

The measures organisations should now take are:

  1. Application whitelisting to allow only approved software applications to run on computers.
  2. Patch applications to fix security vulnerabilities in software.
  3. Disable untrusted Microsoft Office macros which could be used to enable the download of malware onto computer systems.
  4. User application hardening that blocks Web browser access to Adobe Flash player, Web advertisements and untrusted Java code.
  5. Restrict administrator privileges for managing systems and installing software and patches to only users who absolutely need them.
  6. Patch operating systems to fix vulnerabilities.
  7. Use multi-factor authentication to make it harder for third parties to access information.
  8. Back-up important data daily so information can be quickly recovered in the event of a cyber security incident.

The ASD states, “Once the essential eight mitigation strategies have been correctly implemented, baseline cyber security posture has been achieved. This baseline makes it much harder for adversaries to compromise systems."

"While no single mitigation strategy is guaranteed to prevent cyber security incidents, ASD recommends organisations implement a package of eight essential strategies as a baseline,” it added.


Did you know: 1 in 10 mobile services in Australia use an MVNO, as more consumers are turning away from the big 3 providers?

The Australian mobile landscape is changing, and you can take advantage of it.

Any business can grow its brand (and revenue) by adding mobile services to their product range.

From telcos to supermarkets, see who’s found success and learn how they did it in the free report ‘Rise of the MVNOs’.

This free report shows you how to become a successful MVNO:

· Track recent MVNO market trends
· See who’s found success with mobile
· Find out the secret to how they did it
· Learn how to launch your own MVNO service


Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!