ASD Essential 8 Controls

The Australian Signals Directorate (ASD) Essential 8 are strategies to mitigate cyber security incidents.

The strategies have been battle-tested and prioritised by the ASD.

ASD Essential 8 List

Mitigation Strategies to Prevent Malware Delivery and Execution

  • Application control to prevent execution of unapproved/malicious programs including .exe, DLL, scripts
  • Patch applications, e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications
  • Harden Microsoft Office to block macros from the internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate
  • User application hardening by configuring web browsers to block Flash (ideally uninstall it), ads and Java on the internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers

Mitigation Strategies to Limit the Extent of Cyber Security Incidents

  • Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
  • Patch operating systems with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don't use unsupported versions.
  • Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.

Mitigation Strategies to Recover Data and System Availability

  • Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.

Essential Eight Maturity Model

To assist organisations in determining the maturity of their implementation of the Essential Eight, ACSC offers three maturity levels for each mitigation strategy. The maturity levels are defined as:

  • Maturity Level One: Partly aligned with the intent of the mitigation strategy
  • Maturity Level Two: Mostly aligned with the intent of the mitigation strategy
  • Maturity Level Three: Fully aligned with the intent of the mitigation strategy

Implementation Pain Points

Implementing strong cybersecurity controls in enterprise or government networks, with thousands of machines, can be incredibly challenging.

Some of the common pain points include:

  • Insufficient dedicated cybersecurity budget
  • Insufficient support from upper management to receive authority to make changes to ICT systems
  • Insufficient number of skilled IT professionals to deliver uplift projects
  • Legacy operating systems and applications that must be maintained for business purposes, but cannot be properly secured
  • Organisational red tape which significantly delays projects, dilutes results and increases costs

Furthermore, some technical controls such as Application Whitelisting, Multi-Factor Authentication and Restricting Administrative Privileges can be very challenging to implement safely, particularly in complex and dynamic business environments.

Mossé Security's Solution for the Essential 8

Business Strategy

Mossé Security works with IT directors, Chief Information Security Officers and Heads of Information Security to develop a viable security strategy that will achieve compliance with the ASD Essential 8.

Our expertise includes:

  • Identifying opportunities to reduce expenditures
  • Development of business cases to obtain funding for cybersecurity initiatives
  • Recruitment of talented IT engineers and system administrators
  • Creation of metrics to measure and demonstrate the Return on Investment (ROI) on cybersecurity spending
  • Providing support in managing key stakeholders
  • Mentoring executives and technical stakeholders on cybersecurity

Maturity Assessments

Mossé Security performs maturity assessments of operational best practices. This includes the maturity of internal policies/procedures and the overall organisational effectiveness.

Staff Augmentation

Mossé Security offers Certified Cybersecurity Engineers with the skills, knowledge and experience to assist customers in implementing the ASD Essential 8 Controls.

We have experience uplifting the security of networks with 200,000+ machines. When necessary, our team members are also trained on securing production systems that are at risk of a cyber attack, or that have been compromised and now need to be recovered.

This specifically includes solving challenges such as:

  • Sourcing free application whitelisting software
  • Developing group policy application whitelisting
  • Deploying application whitelisting on Windows 7, Windows 8.1, and Windows 10
  • Achieving compliance in AWS, GCP and Azure
  • Operating system patches and application updates
  • Third party application patching

Technical Assessments

Mossé Security offers the full gamut of penetration testing services to assess the effectiveness of an ASD Essential 8 implementation and identify critical gaps before threat actors do.

Our Certifications

Our team undertakes 2,000+ hours of pre-deployment training per year. Here are some of the certifications we hold and maintain:

Free Project Consultation, Scoping and Quote

Call us on 1300 730 035 or submit the form below
Mossé Security's team of cybersecurity experts is ready to deliver cybersecurity professional services to your organisation.