Have the recent Cybersecurity incidents in the news left you worried about the safety of your business?

Written by Zarbtech

Written by Zarbtech

23 February 2023
Have the recent Cybersecurity incidents in the news left you worried about the safety of your business?

Cybersecurity can be a scary topic. With increasing cybercrime reports year after year and the recent media coverage of companies that have experienced breaches, worrying about the safety of your own business is a perfectly normal reaction.

Thankfully, the Australian Cyber Security Centre has provided all Australian businesses with a list of the most effective mitigation strategies for Microsoft Windows-based internet-connected networks. These are known as the Essential 8

This list of 8 strategies, which are then categorised into 4 levels of maturity provides you with an understanding of the current security posture of your business, as well as a goal to work towards to increase your security positioning.

The Essential 8 Mitigation Strategies

  1. Application control
  2. Patch applications
  3. Configure Microsoft Office macro settings
  4. User application hardening
  5. Restrict administrative privileges
  6. Patch operating systems
  7. Multi-factor authentication
  8. Regular backups

The Essential 8 Maturity Levels

Maturity Level Zero

This maturity level signifies that there are weaknesses in an organisation’s overall cyber security posture. When exploited, these weaknesses could facilitate the compromise of the confidentiality of their data, or the integrity or availability of their systems and data.

Maturity Level One

The focus of this maturity level is adversaries who are content to simply leverage commodity tradecraft that is widely available in order to gain access to, and likely control of, systems.

Generally, adversaries are looking for any victim rather than a specific victim and will opportunistically seek common weaknesses in many targets rather than investing heavily in gaining access to a specific target.

Maturity Level Two

The focus of this maturity level is adversaries operating with a modest step-up in capability from the previous maturity level. These adversaries are willing to invest more time in a target and, perhaps more importantly, in the effectiveness of their tools.

Generally, adversaries are likely to be more selective in their targeting but still somewhat conservative in the time, money and effort they may invest in a target.

Maturity Level Three

The focus of this maturity level is adversaries who are more adaptive and much less reliant on public tools and techniques. These adversaries are able to exploit the opportunities provided by weaknesses in their target’s cyber security posture, such as the existence of older software or inadequate logging and monitoring. Adversaries do this to not only extend their access once initial access has been gained to a target, but to evade detection and solidify their presence. Adversaries make swift use of exploits when they become publicly available as well as other tradecraft that can improve their chance of success.

Generally, adversaries may be more focused on particular targets and, more importantly, are willing and able to invest some effort into circumventing the idiosyncrasies and particular policy and technical security controls implemented by their targets.

Information from (2022). Essential Eight Maturity Model. The Australian Cyber Security Centre (ACSC). https://www.cyber.gov.au/acsc/view-all-content/publications/essential-eight-maturity-model

How we can help

While no strategy that will ever guarantee protection from all cyber threats, increasing your maturity level within these Essential 8 areas is a great place to start.

The Zarbtech Team can help you work through the process by partnering with you to:

  1. Identify the correct target Maturity Level for your business
  2. Assess your current Maturity Level
  3. Provide recommendations to achieve your desired Maturity Level
  4. Implement recommended Mitigation Strategies
  5. Enhance your Security Posture above these Essential 8 areas for a more robust Cybersecurity Strategy

If you are ready to take your worries and turn them into an actionable plan to reduce your risk our Team are ready to help

Empower Your Business With the Right IT Support

We’ll look after you. For reliable and affordable IT services, get in touch with the team at Zarbtech today by calling
1300 049 059 or leaving your details here.

Please type your full name.
Invalid email address.
Invalid Input
Invalid Input
Invalid Input