Security Market Segment LS
Monday, 06 February 2017 07:58

ASD says eight cyber security steps are better Featured


The Australian Signals Directorate (ASD) has developed eight cyber security steps that business, enterprise and government should take to help protect themselves against cyber attacks.

This is up from its previous four — application whitelisting, patching applications, patching operating system vulnerabilities, and restricting administrative privileges — and has been called the “essential eight”. As yet these have not been included in the protective security policy framework (PSPF) mandate and will be available on the ASD website shortly.

It says that while the essential four will prevent 85% of cyber attacks and were mandatory for all Australian Government use since 2013, the extra precautions are a result of developments since then.

ASD says these are the essential eight and there are many more steps that could be taken. A range of publications are available on its website.

The measures organisations should now take are:

  1. Application whitelisting to allow only approved software applications to run on computers.
  2. Patch applications to fix security vulnerabilities in software.
  3. Disable untrusted Microsoft Office macros which could be used to enable the download of malware onto computer systems.
  4. User application hardening that blocks Web browser access to Adobe Flash player, Web advertisements and untrusted Java code.
  5. Restrict administrator privileges for managing systems and installing software and patches to only users who absolutely need them.
  6. Patch operating systems to fix vulnerabilities.
  7. Use multi-factor authentication to make it harder for third parties to access information.
  8. Back-up important data daily so information can be quickly recovered in the event of a cyber security incident.

The ASD states, “Once the essential eight mitigation strategies have been correctly implemented, baseline cyber security posture has been achieved. This baseline makes it much harder for adversaries to compromise systems."

"While no single mitigation strategy is guaranteed to prevent cyber security incidents, ASD recommends organisations implement a package of eight essential strategies as a baseline,” it added.


26-27 February 2020 | Hilton Brisbane

Connecting the region’s leading data analytics professionals to drive and inspire your future strategy

Leading the data analytics division has never been easy, but now the challenge is on to remain ahead of the competition and reap the massive rewards as a strategic executive.

Do you want to leverage data governance as an enabler?Are you working at driving AI/ML implementation?

Want to stay abreast of data privacy and AI ethics requirements? Are you working hard to push predictive analytics to the limits?

With so much to keep on top of in such a rapidly changing technology space, collaboration is key to success. You don't need to struggle alone, network and share your struggles as well as your tips for success at CDAO Brisbane.

Discover how your peers have tackled the very same issues you face daily. Network with over 140 of your peers and hear from the leading professionals in your industry. Leverage this community of data and analytics enthusiasts to advance your strategy to the next level.

Download the Agenda to find out more


Ray Shaw

joomla stats

Ray Shaw  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!



Recent Comments