- Cybersecurity is of paramount importance as cyber threats continue to grow in complexity, with businesses facing a multitude of potential breaches.
- Essential 8 cyber security offers a foundational framework for enhancing cybersecurity defences, covering vital security components.
- Proactive measures, such as application whitelisting, patching applications, and user training, are crucial for reducing vulnerabilities and mitigating threats.
- Advanced cybersecurity strategies are essential to counter the evolving tactics of cybercriminals in cloud-centric, interconnected, and AI-driven environments.
- Managed cybersecurity service providers can offer tailored solutions, combining essential 8 cyber security strategies with advanced mitigation approaches to protect businesses effectively.
- Building a robust cyber security strategy is vital for business resilience and reputation, as cyber incidents can result in substantial financial and reputational damage.
When cyber security management comes up in conversation, it’s usually accompanied by numerous opinions around the best ways to protect yourself or your business. If you’re a business owner, you might have heard the term essential 8 cyber security thrown around.
This article will inform you on everything you need to know about the essential eight maturity model in the context of a robust cyber security strategy. Before we dive in, it’s helpful to understand why cyber security is a crucially important topic and why it’s now one of the top three priorities for senior business leadership over the next three to five years.
Consider how you use technology daily and how it’s evolved over the last five years – you might notice that there are things you used to do without much technology that are now mostly done online. Recognising this shift towards a more connected digital world helps you understand why cyber security is vital. As we embrace new apps, gadgets, and digital ways of doing day-to-day activities, we also open ourselves up to cybersecurity threats that target these specific technologies.
The exponential growth of cybersecurity threats
During the 2021–22 financial year, the Australian Cyber Security Centre (ACSC) dealt with over 1,100 cybersecurity incidents. This is around 21 cybersecurity incidents per week. 60% of these cyber-attacks targeted Australian SMBs.
For businesses, it’s not just the volume of attacks that’s concerning but the variety of ways breaches can occur. From ransomware to phishing emails, viruses to adware and spyware, potential vulnerabilities are as numerous as the points of digital contact you make with the internet every day. And the stakes are high for businesses.
The average cost of a breach is roughly $3.35 million. This figure includes the immediate costs to resolve and recover from the breach, remediation expenses, loss of revenue and ongoing financial and reputational impacts from losing customer trust and damage to your brand.
The number of high-profile breaches over the past couple of years in Australia suggests that customers are becoming more discerning about which companies they will share their sensitive personal information with. Neglecting cybersecurity equates to placing your business’s future reputation and success on the line.
Essential 8 cyber security
The Essential Eight Maturity Model is a comprehensive cybersecurity framework developed by the Australian Cyber Security Centre (ACSC). Businesses widely adopt it as a guiding compass for their cybersecurity strategies. Essential 8 cyber security is an excellent starting point for building a robust cyber security strategy, covering eight fundamental security touchpoints. Let’s look at each component of the Essential 8.
1. Application whitelisting
Application whitelisting restricts the tools and applications used across a business to those that have already been vetted and approved. This control is essential for defence because it ensures that only approved and trusted applications run within the organisation’s environment. By reducing the risk of malicious software execution, it helps prevent malware from infiltrating the network and compromising data and systems.
2. Patch Applications
Patching applications means updating software, drivers, and firmware to protect your business against vulnerabilities. Regularly patching applications is crucial because it helps close known vulnerabilities that attackers will often exploit to gain unauthorised access or launch attacks. By keeping applications up to date, businesses can minimise the potential entry points for cyber threats.
3. Configure Microsoft Office Macros
Microsoft Office files can contain embedded code (macro) in the Visual Basic for Applications (VBA) programming language. A macro can contain a series of commands that can be coded or recorded and replayed later to automate repetitive tasks. Configuring Microsoft Office Macros is critical for defence because macros can be a vector for macro-based malware attacks. By either disabling macros or ensuring they are digitally signed, businesses can prevent the execution of malicious macros and safeguard against this common attack vector.
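As an added illustration (not part of the original article or any VITG tooling), the sketch below shows how a file or mail gateway could triage Office documents by checking whether they carry an embedded VBA project and whether a signature part accompanies it. The part names are the standard OOXML ones; the sample files are constructed placeholders, and the function and label names are assumptions made for this example.

```python
import io
import zipfile

# Standard OOXML part names for the VBA project and its signature streams.
VBA_PART = "vbaproject.bin"
SIG_PARTS = ("vbaprojectsignature.bin", "vbaprojectsignatureagile.bin",
             "vbaprojectsignaturev3.bin")
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container


def classify_office_file(data: bytes) -> str:
    """Return 'no-macro', 'macro-unsigned', 'macro-signature-present',
    'legacy-ole' or 'not-office' for the raw bytes of a file."""
    if data.startswith(OLE_MAGIC):
        # Legacy binary formats need an OLE parser to inspect; flag for review.
        return "legacy-ole"
    if not zipfile.is_zipfile(io.BytesIO(data)):
        return "not-office"
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        # Compare on lower-cased base names so word/, xl/ and ppt/ all match.
        names = [n.lower().rsplit("/", 1)[-1] for n in zf.namelist()]
        if "[content_types].xml" not in names:
            return "not-office"
        if VBA_PART not in names:
            return "no-macro"
        # A signature part only shows that a signature exists; Office must
        # still validate it against a trusted publisher before running code.
        if any(s in names for s in SIG_PARTS):
            return "macro-signature-present"
        return "macro-unsigned"


def build_sample(parts: dict) -> bytes:
    """Build a constructed, minimal OOXML-like zip (not a real document)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        for name, body in parts.items():
            zf.writestr(name, body)
    return buf.getvalue()


# Constructed samples: placeholder bytes only, no real macro code.
SAMPLES = {
    "plain.docx": build_sample({"word/document.xml": "<doc/>"}),
    "unsigned.docm": build_sample({"word/vbaProject.bin": b"placeholder"}),
    "signed.xlsm": build_sample({"xl/vbaProject.bin": b"placeholder",
                                 "xl/vbaProjectSignature.bin": b"placeholder"}),
    "legacy.doc": OLE_MAGIC + b"\x00" * 16,
}

if __name__ == "__main__":
    for name, data in SAMPLES.items():
        print(f"{name}: {classify_office_file(data)}")
```

The classification is based on file content rather than the extension, so a renamed file is still reported correctly; files reported as `macro-unsigned` or `legacy-ole` are the ones a macro policy of "disabled unless signed" is meant to stop.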
4. User Application Hardening
User application hardening is the process of adding layers of security to make it more difficult for cybercriminals to break into your device. You can harden your apps and systems by ensuring you install all software updates, as outdated software versions make your system vulnerable to cyber-attacks. User application hardening is essential for cyber security management because it configures web browsers and email to block suspected malicious content. This approach minimises the risk of harmful files being downloaded or executed.
5. Restrict Administrative Privileges
Limiting administrative privileges is crucial because it reduces the potential impact of unauthorised changes to a system. If attackers gain access to privileged accounts, they can cause significant damage. By restricting these privileges, businesses can contain the scope of potential breaches.
6. Patch Operating Systems
Like patching applications, regularly patching operating systems (OS) is fundamental for defence. Attackers can exploit vulnerabilities in an OS to gain control of the system, so keeping the OS updated helps mitigate these risks and maintain a secure environment.
7. Multi-Factor Authentication (MFA)
MFA is a vital part of a strong cyber security strategy as it adds an additional layer of security to user authentication. Requiring multiple forms of verification reduces the risk of unauthorised access, even if an attacker manages to obtain login credentials. MFA is an easy addition that can enormously benefit overall security and is highly recommended on all possible login points.
8. Daily Backups
Like MFA, daily backups are a crucial and easy-to-implement component of a cyber security strategy. Backing up data each day ensures that critical data and systems can be restored if a cyber incident (such as a ransomware attack or data breach) occurs. Backups minimise data loss and downtime, allowing the business to recover quickly and effectively.
Going above and beyond essential 8 cyber security with advanced mitigation strategies
As discussed earlier in this article, the complexity of our digital world is growing, and our daily interactions with technology are expanding. This complexity must be addressed when considering how to prevent cyber attacks and build an advanced cyber security strategy.
Advanced defence and comprehensive mitigation strategies require real-time threat intelligence and adaptability to counter rapidly evolving cybercriminal tactics. In today’s cloud-centric and remote work-focused landscape, basic security strategies that rely on well-defined network perimeters alone are outdated.
Along with the expansion of cloud technology and remote work, we live with more interconnected systems than ever before. AI-driven threats are also increasing rapidly.
Dynamic, behaviour-based defences are now critical.
Businesses must focus on addressing security challenges stemming from inadequate user awareness. Employee security training has become a pivotal component of a comprehensive cyber security strategy alongside numerous other advanced mitigations, even though they aren’t listed in the foundational Essential Eight Maturity Model.
VITG recommend the following defence approaches in addition to the foundational essential eight:
1. Advanced Threat Detection
Utilising advanced threat detection tools, including behaviour-based analytics and machine learning, can help identify abnormal activities and potential threats.
2. Threat Intelligence
Staying informed about the latest trends in the cyber security threat landscape (such as attacker tactics, techniques, and procedures) will help businesses proactively adapt defences.
3. Red Team Testing
Red Team Testing uses ethical hacking (or known hackers) to identify potential breaches to a business’s security system using real-world techniques. Conducting regular penetration testing and red team exercises helps to identify vulnerabilities and weaknesses that standard defences might not address.
4. Security Awareness Training
Human error is responsible for a significant proportion of all cyber-attacks. Educating employees about sophisticated social engineering tactics and encouraging a security-conscious culture go a long way toward minimising human error.
5. Endpoint Detection and Response (EDR)
Endpoint detection and response refers to tools used to detect and investigate threats on system endpoints. Employing EDR solutions to monitor and respond to suspicious activities at the endpoint level can give analysts crucial information on attack attempts to help prevent future attacks.
6. Network Segmentation
Segmenting networks to contain and isolate potential breaches can limit lateral movement for attackers. This basic action can drastically limit the level of damage that attackers can cause from a single attack.
7. Disaster Recovery Plan and Business Continuity Plan
Developing and regularly testing a comprehensive incident response plan can minimise damage and ensure a quick recovery if a breach occurs. A strong Business Continuity plan should have several components, including recovery personnel, recovery procedures, data backup, and Business Continuity testing.
8. Continuous Monitoring
Implementing real-time monitoring of network traffic, logs, and behaviour to detect anomalies and respond promptly can nip attacks in the bud and isolate damage if a breach has occurred.
You’re not alone – cyber security support for businesses
Cybersecurity can feel like an overwhelming topic for businesses. Still, the good news is there’s a huge amount that businesses can do to put themselves in the strongest possible cyber security position. And for businesses who don’t have the in-house capability or resources to build and maintain their own robust cyber security strategy, there are managed security service providers (like us) who are making it their mission to protect businesses and prevent attacks from occurring.
VITG offers businesses security services based on the Essential Eight Maturity Model and advanced mitigation strategies.
Our Managed Security as a Service (MSaaS) packages deliver all levels of vital cyber security strategy, from essential 8 cyber security strategies to advanced mitigation approaches and resilience-focused tactics.
VITG security essentials include:
- Endpoint Security – Next Gen Anti-Virus/Anti-Ransomware with EDR
- Email Security – Advanced Email Filtering
- Backups & Disaster Recovery – Microsoft 365 (M365) Cloud Backups
- Security Awareness Training – Cyber Security Staff Training Platform
- Application Hardening I – 3rd Party Patching
- Identity Protection – Multi-Factor Authentication (MFA)
- M365 Alerting and Monitoring – Automated SaaS Security
Our advanced mitigation approaches involve:
- Email Security II – DKIM/SPF Records Review
- Identity Protection II – Dark Web Monitoring
- 24/7 Security Operations Center – Monitoring, Alerting & Remediation
- Application Hardening II – Application Whitelisting
- Backups & Disaster Recovery II – M365 Backup Integrity Check (Annual)
And our resilience-focused tactics are:
- Email Security III – DMARC Records Review
- Penetration Testing – Real-Time & Automated Penetration Testing
- Vulnerability Management – Vulnerability Reporting
- Identity Protection II – Restrict and Review Admin Privileges and Azure Active Directory Password Complexity
- Data Security – Endpoint Management & Drive Encryption
- Application Hardening III – Disable Macros
- Backups & Disaster Recovery III – File Backup Integrity Test (Annual)
For more information, download our MSaaS solution breakdown.
Managed security in action
Many businesses are concerned about how to prevent cyber attacks in their specific industry with their unique user footprint. Managed security can be tailored to be just as unique as your business.
Family Services Australia (FSA), a not-for-profit with over 30 years of experience in the community services sector, needed to rapidly increase its security posture to stay compliant with contractual agreements. The organisation needed to align to the Essential Eight Maturity Model, gain a ‘right fit for risk’ accreditation and an ISO 27001 certification.
With six months to reach compliance, over 800 controls to review and a multimillion-dollar contract on the line, FSA needed to engage with a security specialist that could move at speed. Luckily, VITG were already providing FSA with IT and service desk support and were perfectly positioned to deliver a premium security solution quickly.
VITG helped Family Services gain accreditation by bringing them up to scratch on approximately 580 security controls. Family Services also improved the connection between their 30+ sites and streamlined service delivery by solidifying their Wi-Fi.
The entire organisation can now better serve and protect the privacy of their clients within their highly secure environment.
Read the full case study here.
Essential 8 cyber security and advanced cyber security measures work hand in hand to deliver robust security outcomes.
Adhering to the Essential Eight Maturity Model and implementing advanced cyber security measures is paramount for businesses in today’s digital landscape. The Essential 8 cyber security framework provides a foundational blueprint for bolstering cybersecurity defences, enabling organisations to proactively mitigate threats and minimise vulnerabilities. In conjunction with the essential 8, embracing advanced security measures is essential to stay ahead of the evolving tactics employed by cybercriminals. By prioritising these strategies, businesses can safeguard their data, assets, and operations, ensuring the resilience and continuity of their operations in an increasingly interconnected and threat-prone environment.
VITG – Managing security for Australian businesses
VITG are experts in handling the implementation and ongoing management of business security. We are committed to providing the highest possible level of defence so business owners can relax and focus on what they do best: running their business.
If you enjoyed this article, our new E-book contains detailed information about the kinds of cyber criminals that businesses are up against, their methods of attack and motivations and even more information to help businesses defend their livelihood.