emPower
Strategies against cyber threats
Information Security

The Essential Eight – Strategies to Mitigate Cyber Threats

February 11, 2019

While going through articles published on ZDnet by Stilgherrian, I came across one of his old articles published in 2017 on a cyber-heist incident involving a subcontractor. The article led me to the Australian Cyber Security Centre (ACSC) website. ACSC recommends eight cybersecurity strategies for organizations. These strategies can help mitigate cyber threats and protect your data against cyber attacks. If you manage cyber security at an organizational level, then you should check if the following eight points are set as your priorities.

Eight strategies to mitigate cyber threats

The Australian Cyber Security Centre (ASCS) recommends the implementation of these eight strategies as a baseline. Proactive implementation of these strategies could help your organization protect its data and systems against possible cyber security incidents.

Here are the eight strategies that you, as an organization, should consider a priority:

  1. Application Whitelisting – to prevent ‘non-approved’ applications from executing;
  2. Patching Applications – to mitigate the risks poses by known security vulnerabilities in applications;
  3. Configuring Microsoft Office Macro settings – to block untrusted macros;
  4. User Application Hardening – to protect against vulnerable functionality;
  5. Restricting Administrative Privileges – to prohibit malicious actors from gaining full access to information and systems;
  6. Patching Operating Systems – to mitigate the risk of known operating system vulnerabilities being exploited by hackers.
  7. Multi-Factor Authentication – to protect against risky activities; and
  8. Daily Backups – to ensure that the information is accessible even after a cyber security incident.

You can read more about these cyber attack mitigation strategies on the ASCS website. These strategies can do a lot to protect your system against:

  1. Advanced persistent attacks that aim at stealing data.
  2. External attacks, such as ransomware that aim at destroying data or immobilizing your computer networks.
  3. Insider attempts.

P.S. If you want to understand the value of these eight strategies, we suggest that you should visit this page on the ASCS website.

You may also like

Like this post? Subscribe to receive updates directly in your inbox.