Essential Eight - First Step Against Cyber Crimes

Kloudworks (Private) Limited


What is Essential Eight

Modern organizations can’t operate in isolation; they are interconnected with each other through the internet. This brings an unimaginable number of benefits and an equal number of threats, and these threats are known as “cybercrimes”. In the recent past, the Australian Cyber Security Centre (ACSC) has identified an upward trend in cybercrimes and has come up with mitigation plans to deal with this rising threat. The first of many recommendations made by ACSC is the Essential Eight Maturity Model, which focuses on securing Microsoft Windows-based information systems.

As the name suggests, the Essential Eight Maturity Model focuses on eight basic areas, as listed below:

  1. Application control
  2. Patch applications
  3. Configure Microsoft Office Macro settings
  4. User application hardening
  5. Restrict administrative privileges
  6. Patch operating systems
  7. Multi-factor authentication
  8. Regular backups

For implementing the recommendations in the above areas, the Essential Eight Maturity Model describes three levels of implementation. The three maturity levels differ from each other only in the depth of protection applied to each of the eight areas. ACSC recommends assessing the business criticality of, and the dependency on, Information Technology to identify which maturity level should be achieved.

The main objective of implementing the Essential Eight Maturity model is to minimize the impacts of cybercrimes and ensure business continuity.

Cybercrimes and their Magnitude

According to the Australian Criminal Intelligence Commission (ACIC), there are many faces to cybercrimes, including computer hacking, phishing, identity crime, botnet activity, and cyber intrusion directed at private and national infrastructure.

ACSC sources say that they received more than 76,000 cybercrime reports during 2021-2022, which is 13% more than in the previous year.

“One cyber-attack in every 7 minutes”

Some significant incidents include the Optus, Medibank, and Energy Australia attacks.

UNSW Canberra cyber security expert Nigel Phair estimates that the cost of cybercrimes in Australia is around $42 billion per year.

What we see today is that taking measures against cybercrimes is the number one priority of any organization, irrespective of its size. The reason is that you might not be a direct target of cybercrime, but your infrastructure might be used by an intruder to launch a cyber-attack against another organization without your knowledge.

How will Organizations Benefit by Implementing the Essential Eight Maturity Model?

If you are a business owner, even if you don’t directly manage your IT infrastructure and services, some key questions that come to mind would be:

  • If my data is stolen by a cybercriminal, what should I do?
  • What can be done if someone tries to hack into my network?
  • How can I protect myself and my employees from being hacked?
  • If my IT systems are breached, how can I run my business?
  • How can I recover from a cyber-attack?

The Essential Eight Maturity model is a carefully designed framework to protect organizations from various types of cyber-attacks. It includes steps to be taken to protect an organization from a cyber-attack as well as measures to recover if the organization becomes a victim of such an attack.

The eight areas defined in the Essential Eight Maturity Model can be grouped into three broad areas based on their basic functions, as given below:

  1. Stopping malware from acquiring control of the IT system
  2. Minimizing the impact of a cyber security-related incident
  3. Data recovery and business continuity

Each of the above focus areas brings a different type of defense level into an organization’s security portfolio.

| Essential Eight focus area | Benefit to the organization |
| --- | --- |
| Application Control | This allows security administrators to define which applications should run on which devices, and which users can run those applications. |
| Patch Applications | Application patching prevents malware from exploiting backdoors available in applications. ACSC recommends installing patches within 2 weeks of release and/or within 48 hours if an exploit is identified. |
| Configure MS Macro Settings | Not every user needs macros (and other scripts) to run on their computer. This focus area defines the limitations on running macros on user devices. |
| User Application Hardening | These measures define the level of security implemented on user applications. |
| Restrict Administrative Privileges | Applications sometimes need administrative privileges to perform certain tasks. The controls associated with this focus area define the way that administrative privileges are used and impose time restrictions so that the privileges do not exist forever. |
| Multi-factor Authentication | The main benefit of implementing multi-factor authentication is that it limits the ability of malware or intruders to get into the system. The second important benefit is that if they succeed in exploiting one application, they are not given a free pass to exploit other applications. |
| Regular backups | Performing regular backups of both systems and data helps organizations recover from a disaster. ACSC suggests imposing controls on access to these backups to ensure their integrity. |

What are the Three Maturity Levels of the Essential Eight Framework?

The Australian Cyber Security Centre (ACSC) has defined three maturity levels of the Essential Eight framework, namely Level#1, Level#2, and Level#3. The difference between these three levels is the granularity of the implementation of each of the eight focus areas.

Please refer to the following example:

| Essential Eight focus area | Level one | Level two | Level three |
| --- | --- | --- | --- |
| Regular backups | Unprivileged accounts can only access their own backups. | Unprivileged accounts, and privileged accounts (excluding backup administrators), can only access their own backups. | Unprivileged accounts, and privileged accounts (excluding backup administrators), cannot access backups. |

ACSC also recommends that organizations carefully analyze the impact of implementing the Essential Eight Maturity Model against the impact of Information Technology on their business to define the required maturity level. But it equally emphasizes not excluding any of the areas (unless there is a strong justification), as doing so will open up a backdoor to intruders.

Is Implementing Essential Eight a "one-time job"?

The answer to the above question has two parts.

It’s important to understand that implementing the Essential Eight focus areas needs both tools and processes. Identifying and deploying the tools needed, for example a backup tool, can be considered a “one-time job”. But having regular backups is a continuous process.

This leads to another question. If your organization doesn’t have IT resources to maintain these processes, how can you maintain the Essential Eight maturity level? In fact, this is a question for most small and medium organizations, as they do not have enough IT resources and are not in a position even to hire them.

The answer to the above question is getting support from a managed IT service provider who has the experience and resources to perform the continuous processes defined in the Essential Eight Maturity Model.

Conclusion

There is no 100% successful solution for cybercrimes, as cybercriminals change their methods, behavior, and interests day by day. As IT consultants and business owners, what we can do is take maximum measures to protect our own IT ecosystems from these intruders, and the Essential Eight Maturity Model is an ideal strategy to start with.

But implementing the eight focus areas, irrespective of how granular the deployment is, will not be an easy task for an organization that doesn’t have a proper IT team. The best option for such organizations is to outsource the tasks that need continuous attention to a Managed IT Services provider, so that the organization can focus on its key business activities.
