Australia has released their Essential Eight Maturity Model (EEMM), and we have to hand it to them, it is good. It is simple, easy to interpret, and focuses on cyber threat prevention, instead of reaction.
Australia’s Guide to Cyber Threat Prevention
Let’s take a look at the eight essential steps included in Australia’s EEMM:
- Application whitelisting
- Patching applications
- Configuring MS Office macro settings
- Application hardening
- Restricting administrative privileges
- Multi-factor authentication
- Patching operating systems
- Daily backups
As you can see, all of them are easy to interpret, free of technical jargon, and manageable. The EEMM has also provided clear direction on what the expectations are for each level of compliance within the eight sections.
Given the new light being shed on cybersecurity, modern threats, and the risks associated with cyber crime, it is incredibly refreshing to see clear direction being provided that everyone from home users to large businesses can follow. To be fair, the United States government has been encouraging cyber threat prevention steps, like the use of application whitelisting, for years. They also included it as a component of the Cybersecurity Maturity Model Certification (CMMC). However, the CMMC is long, quite cumbersome, and frankly could be overwhelming to many smaller businesses that lack IT resources.
American Small Business
According to the Small Business Administration, the United States has over 30 million small businesses. Many of these small businesses likely do not have a Chief Information Security Officer (CISO) to interpret the CMMC, or any other IT regulations. Therefore, it is important that the American government simplify the steps needed to keep these businesses secure from modern cyber threats.
By replicating the eight essentials outlined by Australia, American businesses can better their security posture. Let’s review those eight components again.
- Application whitelisting – Application whitelisting, also called allowlisting or application control, allows only known, trusted programs to execute. Just as Australians can use Airlock Digital, an Australian cybersecurity firm focusing on application control, Americans can use PC Matic, an American cybersecurity firm focusing on application control.
- Patching applications – Thanks to the cloud, patch management has become increasingly easy. Therefore there should be no excuses for not keeping third-party applications updated within 48 hours of an update being released.
- Configuring MS Office macro settings – Organizations can do this by going into the Microsoft Office settings and disabling macros.
- Application hardening – This is simply putting increased controls on the applications that are allowed to run. For example, it may include restricting which webpages employees can access, and whether they can download software or change security settings.
- Restricting administrative privileges – Organizations are encouraged to complete an audit of who has admin rights for the network. By completing an audit the company can determine who needs access, who has access, and remove privileges accordingly.
- Multi-factor authentication – Setting up multi-factor authentication, like passwords coupled with SMS messaging, reduces the threat of unauthorized individuals gaining access to the network.
- Patching operating systems – Similar to patching applications, operating systems have the ability to auto-update, and updates should be deployed within 48 hours of availability.
- Daily backups – It is best practice to keep backup files updated. Doing this daily reduces the data lost in the event of a cyber attack, or even a hard drive or server crash.
There you have it! Eight digestible steps anyone can take to increase their cybersecurity posture. Stay safe out there!