It’s Cyber Security Awareness Month, do you know about the Essential Eight?

October 3, 2023

To help organisations better protect themselves against various cyber threats, the Australian Cyber Security Centre (ACSC) has developed a series of mitigation strategies called the Essential Eight.

The Essential Eight consist of:

1. Application Control

This is like having a guest list at a party. It means only allowing approved and trusted applications (software) to run on your computer network. Any program that isn’t on the list won’t be allowed to run, which helps prevent malicious or unauthorised software from causing harm.

2. Patch Applications

Just like you update your smartphone apps to fix bugs and add new features, organisations need to regularly update their software applications. These updates, or “patches,” often contain important security fixes to protect against known vulnerabilities.

3. Configure Microsoft Office Macro Settings

Cybercriminals sometimes use Microsoft Office to hide malicious code in documents. This strategy involves configuring Office settings to make it safer and blocking certain types of web code that could be harmful.

4. User Application Hardening

This is about making sure the software programs used by your employees are set up securely. It involves adjusting settings and permissions to minimise potential vulnerabilities.

5. Restrict Administrative Privileges

Think of administrative privileges as superpowers in the computer world. This strategy involves limiting the number of people who have these superpowers. Only a select few should have the ability to make significant changes to computer systems to reduce the risk of unauthorised access or mistakes.

6. Patch Operating Systems

Similarly to ensuring your computer’s software up to date (like Windows or macOS updates), a business need to regularly update their operating systems. This ensures they have the latest security patches and protections.

7. Multi-Factor Authentication (MFA)

MFA is like having two or more locks on a door. It adds an extra layer of security beyond just a password. Typically, it involves something you know (like a password) and something you have (like a smartphone that generates a unique code). This makes it much harder for hackers to access accounts even if they know the password.

8. Regular Backups

Implementing regular backups will help your business to recover and continue to operate, in the event of a cyber incident, such as a ransomware attack.

The Essential Eight provides a set of guidelines for businesses to strengthen their cybersecurity and other threats. By following these strategies, businesses can reduce the risk of cyberattacks and protect their sensitive data and systems from being compromised. How does your business rate? Need help to check how you fare on the Essential Eight? We can help, reach out to our team.

Related News


5 Reasons to Embrace Technology for Business Success

February 7, 2024


Why You Need an IT Project Consultant

March 8, 2023