In the fast-evolving realm of cybersecurity, the Australian Signals Directorate (ASD) takes a proactive stance with significant updates to its Essential Eight Maturity Model. These enhancements aim to bolster the cybersecurity postures of organisations, reflecting the ever-changing threat landscape.

Patching Prioritisation: A Race Against Vulnerabilities

The update intensifies the focus on patching critical vulnerabilities within a 48-hour timeframe. From Maturity Level One to Maturity Level Three, organisations are now mandated to address high-priority scenarios promptly. This includes a condensed patching timeframe for applications that interact with untrusted content from the internet, reinforcing defence against potential exploits.

Multi-Factor Authentication (MFA) Reinvented

The change to MFA requirements is pivotal: Maturity Level One now demands ‘something users have’ alongside ‘something users know’. This shift addresses the weakness of relying solely on passwords and extends phishing-resistant MFA options even to lower maturity levels. Aligning with global standards, organisations are now obligated to adopt advanced authentication measures, fortifying defences against real-time phishing or social engineering attacks.

Data Governance and Administrative Privileges: A Systematic Approach

Recognising the critical role of data governance, the updated model emphasises consistency in processes for privileged access to data repositories. This spans Maturity Level One through Maturity Level Three, underscoring the need for a systematic approach to manage access to sensitive data. The model now explicitly demands the identification and limitation of privileged accounts for cloud services.

Application Control and Microsoft Office Macros: Adapting to Threats

Addressing the evolving techniques of malicious actors, application control changes focus on annual reviews of rulesets. The requirement for Microsoft Office macros shifts towards using more secure V3 digital signatures at Maturity Level Three, recognising the limited benefit of collecting and analysing macro execution events.

User Application Hardening and Regular Backups: Adapting to New Realities

With Internet Explorer 11 no longer supported, organisations are required to disable or uninstall it from operating systems at Maturity Level One and Maturity Level Two. The importance of considering business criticality when prioritising backups is highlighted across all maturity levels.

Cross-Cutting Measures and Language Consistency: Strengthening the Core

The model introduces cross-cutting measures such as centralising event logs to detect signs of potential compromise. It also keeps its language consistent with the mapped controls in the Information Security Manual (ISM), ensuring alignment and facilitating automatic ingestion of the ISM’s OSCAL baselines for the Essential Eight.

Conclusion: A Resilient Cybersecurity Framework

In conclusion, the recent updates to the Australian Essential Eight Maturity Model showcase a proactive response to evolving cybersecurity challenges. The refined focus on critical patching, strengthened MFA requirements, enhanced data governance, and other strategic enhancements collectively contribute to a more resilient and adaptive cybersecurity framework for organisations in an ever-evolving threat landscape.
