Share this article on:
The Australian Signals Directorate via the Australian Cyber Security Centre (ACSC) has released the Essential Eight Assessment Guidance Package in an effort to advise businesses on the best way to protect themselves from cyber threats.
The package provides guidance on the ACSC’s Essential Eight, which is comprised of eight mitigation strategies to help businesses and institutions remain cyber safe and protect their assets.
The ACSC maintains that “while no single mitigation strategy is guaranteed to prevent cyber security incidents, organisations are recommended to implement eight essential mitigation strategies as a baseline.
“This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.”
The Essential Eight includes:
The new package is made up of the Essential Eight Assessment Process Guide and the Essential Eight Assessment Report Template, which together “enable a high quality, consistent approach for entities to assess the effectiveness of their implementation of the Essential Eight security controls”, according to the ACSC.
The Essential Eight Assessment Process Guide outlines detailed methods of assessment for each of the Essential Eight, whilst the Essential Eight Assessment Report Template outlines the requirements covered in an Essential Eight Assessment Report and is to be used as a tool for filling out reports, aiding consistency.
The Essential Eight Assessment Guidance Package is yet another tool in the ACSC arsenal, complementing the Essential Eight Maturity Model, which covers the implementation of the Essential Eight, as well as the Essential Eight Maturity Verification tool and the Application Control Verification Tool, which allows for the businesses cyber security standards to be tested against five of the Essential Eight on a Microsoft Windows system.
Protection from cyber threats has been brought to the forefront of business owners’ minds in the last few months, following the major attacks on Medibank and Optus.
The ACSC’s Small Business Survey Report found that 62 per cent of respondents had been victims of cyber crime and that annual losses to cyber crime nationwide are estimated to be $300 million per year.