One of the unexpected side-effects of the COVID-19 pandemic has been the rapid increase in cybercrime in Australia.
Cyber criminals have taken advantage of the fact that more Australians are going online to access information, and buy products and services. As a result, there has been an increase in consumer spear phishing attacks e.g. COVID related emails used to obtain user credentials. The healthcare sector has also been significantly targeted for ransomware attacks. In fact, according to the Australian Cyber Security Centre (ACSC)1 there were four malicious cyber-attacks per day related to COVID-19 pandemic in the period 1 July 2020 – 30 June 2021.
It’s staggering to note that in Australia during the same period, a cyber-attack was reported every 8 minutes, a volume increase of 13% on the previous year. Cybercrime cost us more that $33billion with the cost of business email compromise more than $50K (1.5x the previous year).
Organisations of all sizes are vulnerable, and it can be overwhelming to wrap your arms around how to protect your company systems and data from these frequent and widespread attacks.
This is where the Australian Cyber Security Centre (ACSC) has stepped in and developed a framework of best practices which can be implemented to safeguard your business and keep you protected.
The Essential 8 practices to safeguard your business
The ACSC leads the Australian Government’s efforts to prevent cyber crime in Australia. The development of the Essential Eight has culminated from their experience in producing cyber threat intelligence, responding to cyber security incidents, conducting penetration testing, and assisting organisations to implement the Essential Eight.
The Essential Eight provides mitigation strategies and suggested steps to take to help minimise the following2:
- targeted cyber intrusions and other external adversaries who steal data
- ransomware denying access to data for monetary gain, and external adversaries who destroy data and prevent computers/networks from functioning
- malicious insiders who steal data such as customer details or intellectual property
- malicious insiders who destroy data and prevent computers/networks from functioning.
We like the simplicity of the framework, which spells out the specific measures which can be implemented across five strategy areas, within a continuum of Maturity Levels.
Take a look at the infographic, which clearly explains the Essential Eight framework
A framework that grows with maturity
It’s important to point out that there’s a total number of 37 strategies recommended by the ACSC, each rated as either ‘Limited’, ‘Good’, ‘Very Good’, ‘Excellent’ or of course ‘Essential’. The recommendation is to start with the Essential strategies, and as your organisation matures, you can implement the remaining strategies in order of priority.
This is the beauty of the framework – it’s easy to bite off chunks, making it more accessible and less overwhelming.
Before implementing Essential Eight, you should identify a target maturity level suitable to your environment, then progressively implement the strategies in each maturity level until the target is achieved.
There are eight strategies which are deemed “essential”, thus the Essential Eight. Here, we will provide a simple overview of the framework, to help you get under the hood quickly.
Prevent Malware Delivery and Execution | Limit the Extent of Cyber Security Incidents | Recover Data and System Availability |
· Application control · Patch applications · Configure Microsoft Office macro settings · User application hardening | · Restrict administrative privileges · Patch operating systems · Multi-factor authentication
| · Regular backups
|
At each maturity level (from 0-3), the framework spells out the specific actions that should be taken against each strategy. For instance, starting at Maturity Level 1, you would implement all the recommended ‘Essential’ tasks for each strategy before moving onto Maturity Level 2.
Once you have completed the ‘Essential’ strategy tasks, ideally you would repeat the process with ‘Excellent’ tasks and so on.
The model is designed to be modular and additive. See the infographic for more information.
Of course, there’s no way to guarantee that these practices will absolutely eliminate every threat, however, they serve as a solid baseline that’s been endorsed by the highest levels of Australian Government.
Recently by working with a financial services customer, NovaWorks was able to apply the Essential 8 framework into planning to ensure that their business was aligned to a mature implementation, especially as they were moving all of their services into a new cloud based environment. We found that by pre-planning this approach before starting any migrations, the cloud environment was secure from the start, instead of an after-thought or as issues arose. It also gave a chance for any inconsistencies or issues that may have been present in their existing implementation to be remediated with best practices in the new environment.
Get started quickly
The team at NovaWorks understands the framework deeply and can quickly get you on the path. We have decades of experience supporting clients in highly regulated industries and we’re proud to be certified to the highest standards (ISO 27001).
Contact us to talk to a Cyber Security expert.
Sources: