While no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement 8 essential mitigation strategies as a baseline. The Australian Signals Directorate (ASD) has created a list of 8 baseline strategies, known as the Essential Eight. These strategies make it much harder for adversaries to compromise systems, and implementing them is more cost-effective in terms of money, time and effort than responding to a large-scale cyber security incident. The ASD Essential 8 are shown below.

Jellyfish for All Levels of Government

Jellyfish has been purposely designed as a modular platform, agile and adaptive to change. Jellyfish is currently made up of modules that are designed either to stand alone, addressing a single pain point of a business, or to integrate to enable enterprise security. Importantly, we are designing our modules to integrate and evolve to ensure our clients are armed with the tools to combat new and emerging malicious cyber activity.

ASD Essential Eight

Before implementing any of the mitigation strategies, organisations should:

1. Identify which systems require protection

2. Identify which adversaries are most likely to target their systems

3. Identify what level of protection is required

1. Application Whitelisting

Create a list of approved/trusted programs to prevent execution of unapproved/malicious programs.

This strategy ensures that all non-approved applications, including malicious code, are prevented from executing.

Configure Microsoft Office macro settings

Block macros from the Internet, and only allow vetted macros: those in trusted locations, with limited write access, or digitally signed with a trusted certificate.
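As an added example (not part of the original page or of any vendor tooling), the following read-only PowerShell audit checks whether these macro settings are enforced by policy for the current user. It assumes Office 2016 or later (registry key `16.0`) configured through the standard Group Policy values; the choice of Word, Excel and PowerPoint is an assumption.

```powershell
# Added example: audit per-user Office macro policy values (read-only).
# Assumption: Office 2016 or later, whose policy keys live under "16.0".
$apps = 'Word', 'Excel', 'PowerPoint'
$base = 'HKCU:\Software\Policies\Microsoft\Office\16.0'

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -ne $item) { $item.$Name } else { $null }
}

$results = foreach ($app in $apps) {
    $sec = Join-Path $base "$app\Security"
    $tl  = Join-Path $sec 'Trusted Locations'

    # 1 = macros in files that came from the Internet are blocked
    $blockInternet = Get-PolicyValue $sec 'blockcontentexecutionfrominternet'
    # 1 = enable all, 2 = disable with notification,
    # 3 = disable all except digitally signed, 4 = disable all without notification
    $vbaWarnings = Get-PolicyValue $sec 'vbawarnings'
    # 1 = trusted locations on network shares are permitted
    $netLocations = Get-PolicyValue $tl 'allownetworklocations'

    # Policy-defined trusted location paths, listed so that their write
    # permissions can be reviewed separately.
    $paths = Get-ChildItem -Path $tl -ErrorAction SilentlyContinue |
        ForEach-Object { (Get-ItemProperty -Path $_.PSPath).Path }

    $findings = @()
    if ($blockInternet -ne 1)     { $findings += 'Internet macros not blocked by policy' }
    if ($vbaWarnings -notin 3, 4) { $findings += 'unsigned macros not disabled by policy' }
    if ($netLocations -eq 1)      { $findings += 'network trusted locations allowed' }

    [pscustomobject]@{
        Application      = $app
        BlockInternet    = $blockInternet
        VBAWarnings      = $vbaWarnings
        TrustedLocations = ($paths -join '; ')
        Findings         = if ($findings) { $findings -join '; ' } else { 'none' }
    }
}

$results | Format-List
```

An empty value in the output means the setting is not enforced by policy, so the user can change it from within the application.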

Restrict administrative privileges

Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges.

Admin accounts are the ‘keys to the kingdom’ and adversaries use these accounts to gain full access to information and systems.

Multi-factor authentication

Stronger user authentication makes it harder for adversaries to access sensitive information and systems. Multi-factor authentication should be used for all users when they perform a privileged action or access an important data repository.

2. Patch Applications

Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.

This strategy prevents security vulnerabilities in applications from being used to execute malicious code on systems.

User application hardening

Configure web browsers to block Flash, ads and Java on the Internet. Disable unneeded features in Microsoft Office, web browsers and PDF viewers.

Patch Operating Systems

Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Do not use unsupported versions.

Security vulnerabilities in operating systems can be used to further the compromise of systems.

Daily Backups

Daily backups should be made of important new/changed data, software and configuration settings. The backups should be stored disconnected and retained for at least three months to ensure information can be accessed again following a cyber security incident.

Read about Jellyfish for SMEs

For more information on safeguarding organisations, read NIST’s Ten Essential Activities to Protect Small Business Information, Systems and Networks.