on 01 Mar 2022
Cyber hygiene is a first line of defence to strengthen security posture
Good cyber hygiene is essential for strong cyber defence and resilience against attacks. The Australian Cyber Security Centre has released an advisory urging Australian organisations to adopt an enhanced cyber security posture urgently.
Escalating cyber risk
There is increasing concern that the rapid escalation of the Ukraine-Russia conflict and Australia’s sanctions against Russia might provoke state-based attackers seeking retribution. Australia presents a large attack surface with its critical infrastructure connected to the internet – hospitals, electricity, gas, water, tolls, finance systems, and so much more. Furthermore, many opportunist cybercriminal operators from other countries may exploit the chaos for their agenda.
While the ACSC has not reported any current or specific threats to Australian organisations, it warns that the volume, nature and impact of cyber attacks is expected to continue as the conflict plays out. The ACSC recommends urgently reviewing and improving cyber security incident detection, mitigation, and response measures, including ensuring that logging and detection systems are updated and functioning. Organisations should also make sure their cyber incident response plans are up to date and review their business continuity planning to ensure they can keep operating if they are affected by any cyber fallout.
Cyber hygiene
Microsoft and Satalyst cyber security experts recommend the following cyber security hygiene practices to strengthen security posture and proactively protect against potential threats.
- Enable multifactor authentication
- Apply least privilege access and secure the most sensitive and privileged credentials
- Review all authentication activity for remote access infrastructure
- Secure and manage systems with up-to-date patching
- Use anti-malware and workload protection tools
- Isolate legacy systems
- Enable logging of key functions
- Validate your backups
- Verify your cyber incident response plans are up to date
ACSC’s Essential Eight mitigation strategies
While no set of mitigation strategies are guaranteed to protect against all cyber threats, the ACSC recommends organisations to implement eight essential mitigation strategies known as the Essential Eight. The Essential Eight is a baseline of mitigation strategies, which makes it much harder for adversaries to compromise systems.
The mitigation strategies that constitute the Essential Eight are: application control, patch applications, configure Microsoft Office macro settings, user application hardening, restrict administrative privileges, patch operating systems, multi-factor authentication and regular backups.
Speak with a cyber security expert
Satalyst has a dedicated Cyber Security Practice offering Cyber Security Operations and Cyber Security Project services. We offer a range of cyber security services. Including security maturity assessments, security training, advisory, remediation and uplift, and managed threat detection and response services.
Satalyst can assist with best practice Microsoft Security and cyber security mitigation strategies.
Speak with an expertAbout Satalyst
As part of Canon Business Services ANZ and a leading Gold Microsoft Partner specialising in cloud, security, and data, Satalyst has over 10 years of expertise in delivering innovative cloud solutions to Australian businesses. We’re committed to a customer-centric approach in transforming business processes and productivity, by offering tailored support, change management, and training to clients at all stages of their technology project rollouts.
Our team will adapt to your preferred style by either working collaboratively alongside you or working for you and taking it off your hands. Our experts have cutting-edge skills and knowledge in cloud and security but will also readily engage with your business to understand your objectives, culture, and operating style.
Categories:
Tags: