Sie sind auf Seite 1von 1

The ASD Essential Eight

The ASD Essential Eight, part of the wider ASD’s Top 35 Strategies to Mitigate Cyber
Security Incidents, are a prioritised list that once implemented, provide a baseline
security posture for organisations. The strategies are designed to reduce risk and
protect against cyber threats, making it harder for adversaries to compromise systems.
The list is produced by the Australian Signals Directorate, who developed the list
from responding to cyber security incidents. While no single mitigation strategy is
guaranteed to prevent cyber security incidents, implementing the eight essential
mitigation strategies provides a solid foundation.

The Essential Eight Strategies


To prevent malware running: About NCC Group
1. A
 pplication Whitelisting - only pre-selected software
applications can run on computers, preventing all others NCC Group is a global expert in cyber security and
from running malware. risk mitigation, working with organisations to
protect their brand, value and reputation against the
2. P
 atch Applications - within 48 hours of patch release, and ever-evolving threat landscape.
use the latest version of applications so any vulnerabilities
cannot be exploited. Our extensive portfolio covers technical security
3. Configure Microsoft Office macros settings to block macros consulting, risk mitigation and governance, security
from the Internet and only allow vetted ones to be used. assurance and escrow services. We are a CREST
Macros can be used to deliver and execute malicious code. supplier for Threat Intelligence services under the
STAR scheme and our UK Security Operations
4. User application hardening - block access to Adobe Flash Centre is only the second globally to be CREST
Player, web ads and untrusted Java code to block possible accredited.
malware entry points.
To limit the extent of security incidents: Headquartered in Manchester, UK, with over 35
offices across the world, NCC Group employs more
5. Restrict administrative privileges to those who need them than 2,000 people and is a trusted advisor to
and to only perform specific admin tasks, adversaries 15,000 clients worldwide.
use these accounts to gain full access to information and
systems. With our knowledge, experience and global
6. P
 atch operating systems with extreme risk vulnerabilities footprint, we are best placed to help organisations
within 48 hours, always use the latest operating version and identify, assess, mitigate & respond to the risks they
don’t use unsupported versions. Security vulnerabilities in face.
operating systems can be exploited.
7. Multi-factor authentication using strong authentication
which requires an additional piece of information makes it
harder for adversaries to compromise accounts even if the
password is known.
8. Perform daily backups and test restoration initially, annually
and when IT infrastructure changes to restore information
after a security incident.

+61 (0) 2 9552 4451 apac@nccgroup.trust www.nccgroup.trust

Das könnte Ihnen auch gefallen