Man and woman working on their devices Man and woman working on their devices Man and woman working on their devices

Essential Eight Mitigation Strategies – what do they do?

At a high level the mitigation strategies are designed to:

  • Prevent a cyber attack
  • Contain the impact of a cyber attack
  • Ensure data recovery and system uptime

Strategies to Prevent a cyber attack

Application control – to ensure unapproved programs including malware are unable to start plus prevent an attacker from running any programs which would enable them to gain access or steal data.

Patch applications - attackers look to exploit unpatched applications and, in some cases, enable them to takeover an application, access all information contained within and use those steps as a means to then access other connected systems.

Configure MS Office macro settings - an attacker can download and install malware running automated malicious commands if macro settings are not set up correctly.

User application hardening - the default configuration settings on key programs like web browsers may not be as secure as you need. Settings should be assessed and changed where necessary to reduce the ability of a compromised/malicious website from successfully downloading and installing malware.

Contain the impact of a cyber attack

Patch operating systems - unpatched operating systems can be exploited by attackers and enable an attacker to completely takeover an application, access all information contained within and use those steps to access connected systems

Restrict administrative privileges – Strict control of Administrator accounts will make it more difficult for an attacker to identify and successfully gain access to one of these accounts, which would give them significant control over systems.

Multi-factor authentication – having multi-factor authentication in place for users makes it significantly more difficult for adversaries to use stolen user credentials to facilitate further malicious activities.

Ensure data recovery and system uptime

Regular backups – will ensure information can be accessed following a cyber-security incident such as a ransomware attack.

Contact Us Today

Fill in the form below or call us on +61 3 9913 3248 (VIC), +61 7 3194 3664 (QLD) or +61 2 9098 8206 (NSW)