In the ever-evolving landscape of cybersecurity, staying ahead of threats is crucial. The Essential Eight is a set of strategies designed to fortify online services, operating systems, and devices against cyber-attacks. This framework emphasizes proactive measures such as rapid patching, multi-factor authentication, and stringent access controls to safeguard sensitive data. By implementing these updated protocols, organizations can significantly enhance their security posture and resilience against potential breaches. You can read more about Essential Eight here. Recently, it was updated to ensure greater protection. Here is a brief overview:
Patching timeframes: The update introduces 48-hour response timeframes for addressing critical vulnerabilities in online services, operating systems and drivers/firmware. It also changes the patching timeframes for high-risk software and less important devices.
Multi-factor authentication: The update requires MFA for customers of online services that store sensitive data, unprivileged users of systems and devices, and phishing-resistant MFA for users of online services and devices.
Privileged access: The update adds requirements for granting, controlling and rescinding privileged access to data repositories, limiting internet access for privileged accounts, using Secure Admin Workstations, and enabling memory integrity and Local Security Authority protection.
Application control: The update changes the requirement for application control from NTFS permissions to an application control solution, implements Microsoft’s recommended application blocklist, and removes the requirement for logging macro events.
Event logging: The update requires centralised logging, protection and analysis of event logs, reporting and responding to cyber security incidents, and logging of PowerShell and command line events.
Read about all the new changes here: Essential Eight Maturity Model Changes | Cyber.gov.au
