Essential 8 Maturity Model

May 27 2022, by James Rabey | Category: Government

ACSC cyber security mitigation strategies.

The Australian Cyber Security Centre (ACSC) is the Australian Government’s lead agency for cyber security. From experience of cyber security incidents and through vulnerability testing of various government agencies, the ACSC has developed effective mitigation strategies to reduce the risk of cyber security attacks.

When considering cyber security mitigation strategies, the ACSC recommends that Australian organisations should take a risk-based approach and select strategies appropriate to their risk profile.

The Essential 8.

Designed to protect Windows-based internet-connected networks, the ACSC’s most effective strategies are contained within the Essential 8, a baseline of cyber security mitigation strategies recommended to all Australian organisations.

The Essential 8 strategies cover application control, patch applications, configure Microsoft Office macro settings, user application hardening, restrict administrative privileges, patch operating systems, multi-factor authentication and regular backups.

The Essential 8 Maturity Model.

Each of the Essential 8 strategies contains various controls (safeguards) to be implemented. To aid implementation, in June 2017 the ACSC released the Essential 8 Maturity Model which recommends implementing level 1 controls across the 8 strategies first before progressively implementing controls of higher maturity levels.

  • Level 0 maturity represents weaknesses in an organisation’s overall cyber security posture. When exploited these weaknesses may lead to compromised confidential data, IT systems integrity and system access.
  • Level 1 controls focus on protecting against widely available cyber-security exploits that are opportunistically pointed at many targets to uncover internet-facing vulnerabilities. Examples include common social engineering techniques and emails with Microsoft office files containing malicious macros.
  • Level 2 controls focus on targeted attacks from cyber-security adversaries with next-level tradecraft capabilities. The tools may be common, but they’re used more effectively to circumvent security controls, like phishing and more sophisticated social engineering techniques.
  • Level 3 adversaries are set apart from lower levels by being more adaptive and less reliant on commonly available tools and techniques. They exploit weaknesses in the target’s cyber security posture that may be found in older software and inadequate monitoring and logging. These adversaries are willing and able to invest more time and effort to work around targets’ security controls.

Implementing the Essential 8 is an effective first step to mitigate the common risks of a cyber-attack, but for many organisations adequate cyber protection will take them beyond the baseline Essential 8.

The ACSC detail 37 cyber security mitigation strategies that range in terms of their effectiveness and the IT technologies they help to protect. Different organisations have different networks, IT systems and devices, configurations and levels of data sensitivity, so the mix of additional strategies beyond the Essential 8 must be commensurate with an organisation’s risk profile and the particulars of their IT environment.

Heightened cyber security threats.

Cyber security threats are increasing in their sophistication, number and impact on organisations – just recently in April 2022 the ACSC urged Australian organisations to urgently adopt and enhance cyber security posture. The ACSC recommends Australian organisations review the Essential 8 and remediate any gaps in their cyber security posture.

Macquarie Government has over 15 years of responding to Australian governments’ cyber security incidents and improving agencies’ cyber security – we can help fast-track your Essential 8 maturity with the following services:

  • SOCaaS Essential 8 dashboard – you can’t manage what you don’t measure, and with our dashboard you will be across the important metrics quickly.
  • Data Vault – air-gapped storage and restricted admin access is one of the most effective ways to quickly recover from an attack.
  • Secure Enclave – centralized gold images eases deployment of patches, application control, Office macro settings
  • SIGNET – multi-factor authentication, as well as an extra level blocking malicious apps and macros from reaching the internet.

Call us today on 1800 004 943 to identify your next best steps to improve your Essential 8 cyber security posture.