The Essential Eight is the Australian Cyber Security Centre (ACSC)’s prioritised list of cybersecurity risk mitigation strategies designed to harden an organisation’s cyber defences against the most common attack vectors. It is required for Australian Government departments and agencies. Many private sector organisations also implement the mandate and its best practices.

The Essential Eight aligns with the Australian Government’s Information Security Manual (ISM), providing organizations with additional details on the security controls they should actively implement.

The ISM framework breaks down into cybersecurity principles and guidelines. The principles strategically guide four key activities: govern, protect, detect, and respond. The guidelines offer practical guidance on governance, physical security, personnel security, and information and communications technology security.

While Essential Eight initiatives can be complex, BeyondTrust’s Privileged Access Management (PAM) products can significantly help organisations to meet Essential Eight mitigation strategies.

The Essential Eight baseline set of strategies for hardening systems are as follows:

  • Application Control: Prevent malicious code from running on systems by ensuring that only approved applications can be executed.
  • Restrict Administrative Privileges: Limit access to operating systems and applications based on user duties using the concept of least privilege, while regularly revalidating the need for privileges.
  • Patch Applications: Patch or mitigate applications with ‘extreme risk’ vulnerabilities within 48 hours; use the latest version of applications.
  • Patch Operating Systems: Patch or mitigate computers (including network devices) with ‘extreme risk’ vulnerabilities within 48 hours. Use the latest operating system version.
  • Configure Microsoft Office Macro Settings: Macros are a common attack vector; they can contain malicious code that, when executed, can provide attackers with access to sensitive information.
  • Multi-factor Authentication: Multi-factor authentication is used to authenticate privileged users of systems, or all users when they perform a privileged action.
  • User Application Hardening: Focused on applications that interact with content from the web, this strategy limits the capabilities of malicious content looking to evade application control.
  • Regular Backups: Back up critical data, systems and configs daily, and retain them for an appropriate length of time – a minimum of 3 months is recommended.

The Essential Eight strategies are built into four levels. The ACSC advises organisations to actively align with the Essential Eight by selecting a target level based on two things:

  • the importance of the data the organisation is protecting, and
  • the capability and determination of likely attackers.

Furthermore, organisations should not select different levels for the eight strategies. Instead, they should focus on growing in maturity across all controls at the same level before progressing to the next level of maturity. The four levels are:

  • Level Zero: Significant weaknesses that could be exploited by attackers.
  • Level One: Partly aligned with the intent of the mitigation strategy.
  • Level Two: Mostly aligned with the intent of the mitigation strategy.
  • Level Three: Fully aligned with the intent of the mitigation strategy.

For further information on the maturity model, visit the ACSC’s documentation on the Essential Eight Maturity Model.

The BeyondTrust Privileged Access Management (PAM) platform delivers a comprehensive, integrated solution to manage, monitor, and audit every privilege and privileged session.

Here are just some of the ways that BeyondTrust can assist with some of the Essential Eight strategies:

Application Control: With BeyondTrust’s Privilege Management for Windows and Mac and Privilege Management for Unix and Linux, you can assign just-in-time privileges only to approved applications, scripts, tasks, and commands across both endpoints and servers.

User Application Hardening: BeyondTrust Privilege Management for Windows and Mac can block the execution of child processes, code injection into other processes, and the creation of executable content. Our solution also includes the ability to implement effective whitelisting, greylisting and blacklisting, where unknown applications can be prohibited from executing, significantly reducing the attack vector on endpoints.

Restricting Administrative Privileges: Limit access to operating systems and applications based on user duties using the concept of least privilege while regularly revalidating the need for privileges.

BeyondTrust assists organisations to remove local admin rights from day one, without impacting user productivity. In addition, BeyondTrust provides secure access control, auditing, alerting and recording of any privileged account.

Contact us to learn more about using BeyondTrust to satisfy Essential Eight requirements.
