AUSTRALIAN CYBER SECURITY CENTER ESSENTIAL 8

The Australian Cyber Security Centre’s Essential 8 Model recommends eight core strategies that companies should implement to prevent cyber-attacks, limit damage from attacks, and enable efficient data recovery if required.

The Australian
Cyber Security Center's

ACSC Essential 8

The ACSC Essential 8 is a series of eight strategies recommended by the Australian Government to support Australian businesses prevent cyber attacks, limit damage caused by cyber attacks and, if all else fails, recover data lost from attacks or human errors.

Each strategy has identified three maturity levels (i.e. stages) to support businesses build an optimal Cyber Security Management System (CSMS). The ACSC recommends that “as a baseline, organizations should aim to reach Maturity Level Three for each mitigation strategy.”

The strategies and maturity levels are supported by the Australian Government’s Information Security Manual (ISM), which outlines the minimum-security controls businesses need to meet the intent of the Essential 8 strategies.

Our ACSC Essential 8 CSMS is designed to ensure businesses are compliant with the ACSC Essential 8 and meet the security controls outlines in the ISM.

The ACSC Essential 8 Strategies

“Implementing the Essential Eight proactively can be more cost-effective in terms of time, money and effort than having to respond to a large-scale cyber security incident.”

- Australian Cyber Security Centre

Combined, the ACSC Essential 8 Strategies form a powerful defence against cyber-attacks. Click through the below links to learn more about each strategy to see if it is right for your business.

Mitigation Strategies to
Prevent Malware Delivery and Execution

photo
Application
Control
Application Control is a cyber-attack prevention strategy. It involves generating an index of approved applications which are allowed to run in trusted locations on a computer network. In contrast, application blacklisting is the process of denying certain programs to run. Application Control
is a stronger prevention tool as it combats zero-day attacks. Find out more.
photo
Patching
Applications
Patch Application is the process of installing patches to fix identified vulnerability in software applications. Patches can also provide upgrade of features and extended functionalities. Regular updates can dramatically reduce the risk of cyber-attacks. Find our more.
photo
Configure Microsoft
Office Macro Settings
Configuring Microsoft Office settings can prevent malicious macros installing and running on your computer system. Dangerous macros are often embedded in seamlessly ‘normal’ documents such as excel or word files and can be accidentally downloaded via websites or email. Smart configuration of Microsoft Office programs can prevent macros in their tracks. Find out more.
photo
User Application
Hardening
Similar to Application Control, User Application Hardening is the process of deciding what certain applications/programs are allowed to do on a system or network. This is important as applications such as Adobe Flash and Java can sidestep traditional antivirus software to enable malware or exploit kits to be downloaded onto your computer business network. Find out more.

Mitigation Strategies to
Limit the Extent of Cyber Security Incidents

photo
Restrict Administration
Privileges
Restricting Administrative Privileges is the practice of only enabling the minimal computer administrative privileges needed by an employee to carry out their daily operational needs. Reducing the number of people who have overarching rights to install programs, run macros and enable applications, reduces the risk that a hacker can access the system. Further, if a system is hacked, it limits the extent of potential damage. Find out more.
photo
Patch
Operating Systems
Patching Operating Systems is a cyber security strategy which can mitigate the risk of cyber-attacks, as well as reduces potential damage. Like applications, the operating system needs to be updated regularly to fix known vulnerabilities. Without patching, hackers can leverage weaknesses in the system. Find out more.
photo
Multi-factor
Authentication
Multi-Factor Authentication is the strategy of establishing multiple sign-in requirements for users to log in to devices and programs. This increases the difficulty of a hacker accessing a user’s system via a vulnerability. Common Multi-Factor Authentication processes involve the user undertaking a standard sign in, and then confirming a code which is sent to an email or mobile phone to verify their identity. Find out more.
photo
Daily
Backups
A Daily Backup offers a last resort, ‘if all else fails’ solution for recovering stolen, hacked, damaged or lost data. The ACSC Essential 8 strategy recommends all backups are store for at least 3 months in a secure online or offline location that is not rewritable and non-erasable. Hopefully, companies never need to use their backups, but it is good to know they are there just in case. Find out more.

How can my business
implement the
Essential 8 Strategies?

Our Cyber Security Management System (CSMS), which includes software, policies, training and processes, delivers all 8 essential strategies to mitigate the risk of a cyber attack. This means all our clients are compliant with the Australian Cyber Security Centre’s recommendations.

What our customers say about Jam Cyber

team

Phil Edwards

ThomasSabo Jewellery AU / NZ
They find very sensible options for us and have really improved our business operations at the stores and head office since 2006.
team

Miya Spears

Marketing Manager | IMAX Darling Harbour
Markus, Ian and the team at Jam Cyber IT have been our reliable IT gurus for a decade. We have the utmost confidence in their support and delivery in all our IT and cybersecurity needs.
team

Nick Shaw

Director | Shaw Downie Chartered Accountants
We are a chartered accounting firm based in Sydney’s CBD. Jam Cyber has been our ‘Managed IT Services’ provider since late 2017. They implemented and have since managed an end to end ‘work from anywhere’ IT system.
team

Allison Benson

Principal | Kerin Benson Lawyers
Markus and the team at Jam Cyber have been looking after our IT and cyber security since April 2014. Jam Cyber have been fantastic to work with and have certainly helped our business grow. They have consistently set a high standard by being proactive and offering us solutions to help secure our IT system and set us up for future growth. We see them as an essential part of our team.
team

Evan Petrelis

Managing Director | Renaissance Tours
Renaissance Tours has been working with Jam Cyber IT & Cybersecurity since 2012. At all times, Markus, Jimmy, Ian and the rest of the team have been tireless in their efforts to look after our technology needs as we have grown. They are unfailingly responsive, friendly and helpful, and their counsel and solutions always top-notch. We couldn’t imagine running our business without their contribution.