The Essential Eight are the most fundamental cyber security strategies Australian businesses should have in place. Developed by the Australian Cyber Security Centre (ACSC), the Essential Eight protects Australian organisations from the growing risk of cyberattacks while sheltering their clients and stakeholders.
In our previous article, we covered how the Essential 8 protects organisations from cyberattacks. In this article, we’ll look closely at the prevention strategies to help you understand what they’re for, why they’re critical and how you can implement them to protect your business.
The ACSC breaks up the Essential 8 strategies into three key areas – Prevention, Limitation, and Recovery. In this article, we’re going to cover the basics behind the Prevention strategies.
- Application control
- Patch applications
- Microsoft Office macros
- User application hardening
What is application control?
This strategy involves developing actions that prevent the unauthorised execution of apps. The main aim is to stop threat actors from gaining access to information and security privileges that could help them gain a stronger foothold in an organisations IT infrastructure.
In this case, applications refer to executables, software libraries, scripts, installers, compiled HTML, and control panel applets.
How to implement application control
At the lowest maturity level, application control involves preventing the execution of apps on workstations from within standard-user profiles and temporary folders. On the high end, a whitelist determines which apps can run on which system, with users unable to run apps that they don’t need for their duties.
As the name suggests, patching applications involves applying patches and updates. This action stops threat actors from using known vulnerabilities in IT systems to gain access to sensitive details.
How to implement patch updates
At Level One, this means ensuring all office productivity suites, web browsers and their extensions, email clients, PDF software, security products, and internet-facing services are up to date within two weeks of a patch release. The ACSC recommends using a vulnerability scanner to identify and apply missing patches and removing any software or services that no longer receive vendor support.
Managing Microsoft Office macros
A macro is a recorded series of actions or commands that a user can repeat back later. In Microsoft Office programs, macros help reduce the amount of work required on repetitive or complicated tasks. However, they can also record and execute malicious actions, such as manipulating files, downloading malware, or sending spam emails.
How to secure your business against malicious macros
The Essential 8 recommends disabling all macros for every user that does not need them for daily tasks and blocking macros in any documents downloaded from the internet. In addition, organisations should use a macro antivirus scanner to identify and disable any malicious macros present.
What is user application hardening?
User applications refer to the programs regularly used by users. The Essential 8 focuses on web browsers as the main application responsible for security issues in this area and offers several strategies for ensuring these vital apps remain safe to use.
How to Implement User Application Hardening
The most straightforward strategy to harden web browsers against malicious activity is to block them from processing Java and web advertisements that originate from the internet. Users should not be able to change these settings. For added security, obsolete web browsers such as Internet Explorer should be blocked from the internet altogether – or better yet, removed entirely.
The next step
The Essential 8 offer strategies that go a long way towards helping organisations mitigate the risks of cyberattacks. In the next stage, we’ll be covering the Limitation and Recovery aspects of the strategies.
The Essential 8 offers value by offering a checkbox approach to ensure your organisation does what it can in the cyber security space. It’s valuable to organisations that regularly work with government agencies, as the Essential 8 is a mandated requirement for these organisations.
In the next section, we’ll go over the steps involved in the Limitation and Recovery sections of the Essential 8.
Is the Essential 8 right for my organisation?
The eight strategies involved are highly technical and prescriptive. These features make the Essential 8 useful for IT professionals and tech-savvy users. However, the strategies do little to address business procedures and behavioural elements that contribute to a more robust cyber security stance.
For businesses looking for a more advanced cybersecurity protection that takes business requirements and risk management factors into account, a NIST-based cybersecurity framework is worth exploring.
If you’re uncertain how to begin applying the Essential 8 strategies to your organisation – or are searching for a more holistic cyber security response – get in touch with First Focus.
Discover professionally manage cyber security
Get a professional NIST-based cyber security review with First Focus today!