Updates to ACSC’s Essential Eight Maturity Model To Enhance Cybersecurity

Insights


Updates to ACSC’s Essential Eight Maturity Model To Enhance Cybersecurity

15 February 2024

The Australian Cyber Security Centre (ACSC) has recently updated its Essential Eight Maturity Model (E8MM). The E8MM is designed to help businesses implement the Essential Eight baseline recommendations from the ACSC’s Strategies to Mitigate Cyber Security Incidents. These recommendations protect businesses from common cyber-threats. The November 2023 E8MM update focuses on modifying patching timeframes, increasing phishing-resistant multi-factor authentication, supporting management of cloud services, and performing incident detection and response for internet-facing infrastructure.

 

Depending on your businesses’ maturity level, key changes to the E8MM may include:

  • Conducting vulnerability scans for high-risk software and implementing patches more often;
  • Removing the ability for customers to easily opt-out of using multi-factor authentication;
  • Requiring multifactor authentication to use either “something users have or something users know” and making it phishing resistant;
  • Restricting administrative privileges and adding new security measures to those accounts;
  • Requiring Internet Explorer 11 to be disabled or removed;
  • Encouraging more regular backups of all data, not just important data; and
  • Reporting and responding to identified cyber incidents

 Feel free to contact us if you’d like to know more about the E8MM updates or the ACSC’s Strategies to Mitigate Cyber Security Incidents.

No Comments

Post A Comment