The Australian Signals Directorate (ASD) has developed prioritised mitigation strategies to help technical cyber security professionals in all organisations mitigate cyber security incidents caused by various threats.
The new document establishes the "essential 8 mitigation strategies" that ASD considers as the cyber security baseline for all organisations against malware infection and security incidents. The recommendations include:
- using application whitelisting to help prevent malicious software and unapproved programs from running
- patching applications such as Flash, web browsers, Microsoft Office, Java and PDF viewers
- patching operating systems
- restricting administrative privileges to operating systems and applications based on user duties
- disabling untrusted Microsoft Office macros to prevent them from being used as malware vectors
- blocking browser access to Adobe Flash Player, online ads and untrusted Java code
- implementing multi factor authentication
- ensuring daily back up of important data
Source: www.asd.gov.au