A recent survey conducted by BeyondTrust revealed an intriguing trend in the cybersecurity landscape: an astounding 90 per cent of Australian organisations have expressed their firm commitment to aligning their security programs with the Essential Eight framework.
This impressive statistic serves as a testament to the growing prominence and widespread adoption of the Essential Eight as a standard inclusion in cybersecurity strategies throughout the country.
The Essential Eight framework has garnered significant traction, thanks to its practicality and proven ability to enhance IT security levels for organizations.
Essential Eight explained
The Essential Eight has emerged as a fundamental framework comprising crucial cybersecurity mitigation strategies, establishing itself as a cornerstone for organizations seeking to strengthen their defense against ever-evolving threats. These eight indispensable practices have consistently proven their effectiveness in mitigating risks and enhancing the overall security posture of businesses.
Application Control stands as a paramount measure, ensuring that networks and endpoints exclusively run authorized software. Through meticulous management and restriction of application access, organizations can minimize the risk of malicious programs infiltrating their systems.
The Patch Applications strategy emphasizes the criticality of regularly applying security updates to software. Swiftly addressing software vulnerabilities is vital for maintaining a secure environment and thwarting exploitation by cybercriminals.
Configuring Microsoft Office Macro Settings assumes great importance, as macros can potentially serve as entry points for malware. By disabling or limiting their functionality, organizations can effectively hinder malicious actors attempting to exploit this vector, safeguarding critical data and systems.
User Application Hardening is an essential aspect of minimizing successful attacks. By implementing measures such as disabling unnecessary features, enforcing strong passwords, and applying regular software updates, organizations can significantly strengthen the security of user applications and their resilience against potential threats.
Restricting Administrative Privileges plays a crucial role in reducing the risk of unauthorized access and mitigating the potential impact of security incidents. By following the principle of least privilege, organizations can effectively limit the privileges of user accounts, ensuring that only authorized personnel can perform administrative tasks.
Similar to patching applications, Patching Operating Systems on a regular basis is essential. By keeping operating systems up to date with the latest security patches, organizations can minimize vulnerabilities and enhance the overall security of their networks and endpoints.
Implementing Multi-Factor Authentication (MFA) adds an extra layer of security by requiring users to provide multiple credentials for verification. By combining factors such as passwords, physical tokens, or biometrics, MFA significantly reduces the risk of unauthorized access.
Regular Backups are critical for disaster recovery and ensuring business continuity. By creating and maintaining up-to-date backups of critical data, organizations can swiftly restore their systems and minimize potential damages in the event of a security incident or data loss.
The survey results revealed interesting insights into the main challenges faced by organizations when aligning with the Essential Eight framework. A significant proportion of respondents, 63 per cent, identified application control as a major hurdle, highlighting the difficulties in managing and restricting access to applications. User application hardening was also cited by 51 per cent of respondents as a significant challenge in implementing effective cybersecurity measures. Patching applications was mentioned as a difficulty by just under half of participants (49 per cent), while 44 per cent acknowledged the struggle of limiting administrative privileges.
The survey also shed light on the increasing workload of security teams: a substantial 85 per cent of organizations surveyed are pursuing a Zero Trust security model, reporting either having processes in place or making progress towards implementing it.
However, the survey revealed that 46 per cent of organizations still allow third-party remote access to their internal systems through a VPN, which may undermine the principle of least privilege. VPNs typically provide all-or-nothing access to systems while users are connected, unless meticulous effort is made to maintain routing rules. This practice raises concerns about both efficiency and security risk.
Interestingly, the survey found that 69 per cent of respondents from organizations adopting the Zero Trust model admitted that users in their organization have excessive privileges beyond what is necessary for their roles. Ultimately, the Zero Trust security model advocates for the establishment of zones and segmentation to control access to sensitive IT resources.
This approach requires the deployment of technology to monitor and manage data, users, applications, assets, and other resources between zones. Authentication within zones also plays a critical role in maintaining a robust security posture.
“The findings of this survey suggest that while many Australian organisations are embarking on a Zero Trust strategy, they are potentially missing one of the foundations of the strategy: the principle of least privilege,” says Scott Hesford, Director of Solutions Engineering, Asia Pacific and Japan, BeyondTrust. “Excessive privileges and common VPN configurations go against the principle of least privilege – the concept of providing just the right amount of access for the specific amount of time for a user to complete a task – and are commonly exploited by cyber attackers.”
“The survey findings also reflect the challenges around the Essential Eight expressed by cybersecurity professionals that we speak to every day,” says Hesford. “Many teams struggle to find the balance between productivity and security for aspects of the Eight, such as application control and restricting admin privileges.”
“Ongoing budget and resourcing constraints mean that organisations are looking to consolidate strategies of application control, user application hardening and restricting admin privileges into a single solution set.”