HOW WE CAN DEFEND YOU FROM CYBER THREATS
Network security is now recognised as a critical, cyber-attacks are more sophisticated than ever, cybercriminals no longer rely on a single point of entry, they have multiple avenues, options and tools at their disposal to exploit vulnerabilities.
Combine this with Australia’s Notifiable Data Breaches scheme released in February 2018 and organisations not only face financial and reputational loss if they suffer a breach, but they also face large fines from the regulatory bodies if they fail to provide adequate protection.
Combine this with Australia’s Notifiable Data Breaches scheme released in February 2018 organisations not only face financial and reputational loss if they suffer a breach, but they also face large fines from the regulatory bodies if they fail to provide adequate protection.
Cyber Security Needs to be a Layered Approach
There is no single product that provides impenetrable security, therefore products must work in conjunction with each other to provide multiple layers of protection.
It sounds complicated, however, the Australian Cyber Security Centre has developed Strategies to Mitigate Cyber Security Incidents, to help organisations mitigate cybersecurity incidents caused by various cyber threats. The most effective of these mitigation strategies are known as The Essential Eight.
The Essential Eight
1. Application whitelisting
Application whitelisting of approved/trusted programs to prevent the execution of unapproved/malicious programs including .exe, DLL, scripts (e.g. Windows Script Host, PowerShell and HTA) and installers.
Why: All non-approved applications (including malicious code) are prevented from executing.
3. Configure Microsoft Office macro settings
Configure Microsoft Office macro settings to block macros from the Internet, and only allow vetted macros either in ‘trusted locations’ with limited write access or digitally signed with a trusted certificate.
Why: Microsoft Office macros can be used to deliver and execute malicious code on systems.
5. Restrict administrative privileges
Restrict administrative privileges to operating systems and applications based on user duties. Regularly revalidate the need for privileges. Don’t use privileged accounts for reading email and web browsing.
Why: Admin accounts are the ‘keys to the kingdom’. Adversaries use these accounts to gain full access to information and systems.
7. Multi-factor authentication
Multi-factor authentication including for VPNs, RDP, SSH and other remote access, and for all users when they perform a privileged action or access an important (sensitive/high-availability) data repository.
Why: Stronger user authentication makes it harder for adversaries to access sensitive information and systems.
2. Patch applications
Patch applications e.g. Flash, web browsers, Microsoft Office, Java and PDF viewers. Patch/mitigate computers with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest version of applications.
Why: Security vulnerabilities in applications can be used to execute malicious code on systems.
4. User application hardening.
Configure web browsers to block Flash (ideally uninstall it), ads and Java on the Internet. Disable unneeded features in Microsoft Office (e.g. OLE), web browsers and PDF viewers.
Why: Flash, ads and Java are popular ways to deliver and execute malicious code on systems.
6. Patch operating systems
Patch/mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version. Don’t use unsupported versions.
Why: Security vulnerabilities in operating systems can be used to further the compromise of systems.
8. Daily backups
Daily backups of important new/changed data, software and configuration settings, stored disconnected, retained for at least three months. Test restoration initially, annually and when IT infrastructure changes.
Why: To ensure information can be accessed again following a cybersecurity incident (e.g. a ransomware incident).
We’ve got you covered
As a part of being your IT Department, we include as standard a suite of security applications to ensure you have a solid foundation of layered security and protection covering the Essential Eight, Maturity level 2 and beyond.