Cyber Essential

What does this model mean for your organisation?

Organisations are recommended to implement these eight essential mitigation strategies as a baseline. Implementing them makes it much harder for adversaries to compromise systems.

Objectives of the mitigation strategies

The Essential Eight mitigation strategies focus on achieving the following objectives to help organisations counter cyberthreats:

Maturity levels

To follow and implement the Essential Eight effectively, organisations can determine the maturity of their cybersecurity approach based on four levels. These maturity levels are defined as follows:

  • Maturity Level Zero: Not aligned with the intent of the mitigation strategy
  • Maturity Level One: Partly aligned with the intent of the mitigation strategy
  • Maturity Level Two: Mostly aligned with the intent of the mitigation strategy
  • Maturity Level Three: Fully aligned with the intent of the mitigation strategy

Each of these levels (excluding Maturity Level Zero), which are devised based on the adversary's tradecraft (such as tools, techniques, or procedures) and targeting, provides a systematic approach to implementing the mitigation strategies.

ManageEngine's Essential Eight for your organisation

Although there's no single solution that can address all the strategies you should implement, the right combination of processes and IT tools can make reaching Maturity Level Three easy. The mitigation strategies that constitute the Essential Eight are: application control, patch applications, restrict Microsoft Office macros, user application hardening, restrict administrative privileges, patch operating systems, multi-factor authentication, and regular backups. Here's how ManageEngine solutions can help your organisation:

Application control

Application control allows trusted applications to run and blocks malicious applications, based on the enterprise's requirements. Endpoint Central and Log360 allow you to block malicious applications from running in the enterprise's network. Further, PAM360 enables admins to allowlist select applications and commands that can be run using privileged accounts during secure remote sessions.

Patch applications

Vulnerability management includes scanning for threats, vulnerabilities, and misconfigurations in different endpoints and suggesting relevant patches or mitigations for them. Endpoint Central has a patch management module that can patch security vulnerabilities in Microsoft applications and over 300 third-party applications.

Restrict Microsoft Office macros

Script configurations allow Microsoft Office settings to be changed for user or computer groups in an environment. Endpoint Central can help with this, and it can also block unwanted software from being downloaded using its browser security module.

User application hardening

Application hardening blocks unnecessary services like Flash, Java, or web advertisements. Endpoint Central takes care of disabling or uninstalling these services. All default usernames and passwords for an organisation’s approved list of applications can also be changed using Endpoint Central.

Restrict administrative privileges

Listing all administrative privileges revalidates the administrator accounts of an organisation, including local, domain, and enterprise admin groups and accounts with special privileges. With PAM360 and AD360, the number of required privileges and their validity can be checked and modified.

Patch operating systems

Patch management provides central control over an organisation's patching schedule and distribution. Network Configuration Manager and Endpoint Central ensure operating systems like Windows, macOS, and Linux are patched with support for a wide range of drivers. Patches can also be deployed to servers, workstations, and mobile devices using the mobile device management module available in Endpoint Central.

Multi-factor authentication

Multi-factor authentication (MFA) helps reduce the attack surface and protects organisations by requiring a higher level of identity assurance. Using Endpoint Central, AD360, or PAM360, MFA can be enabled for all users or systems in an organisation's network, based on the organisation's requirements.

Regular backups

Backup assessments determine the need to back up records, prioritise backed-up content, and devise a plan to perform these backups. Depending on an organisation's requirements, Network Configuration Manager and AD360 can perform daily incremental backups, daily backups, or weekly backups. Regular restoration testing and disaster recovery plans can also be implemented.

Business use case

Addressing Log4j's software library vulnerabilities

Recently, adversaries were looking to exploit vulnerabilities in Apache’s Log4j software library, including CVE-2021-44228 (referred to as Log4Shell), CVE-2021-45046, and CVE-2021-45105. As a Java-based logging library, Log4j is used extensively in consumer and enterprise services, websites, and applications. These vulnerabilities are rated Critical, especially since adversaries run code from remote locations to take control of weak systems for cryptomining and botnet malware.

Using some strategies from the Essential Eight model, the ACSC recommends:

Prioritised mitigations

  • Update all Log4j-related applications to the latest version.
  • Apply the latest patches released by vendors for vulnerability remediation.
  • When upgrading isn't an option, hardening to disable the JNDI functionality is advised.
  • As a last resort, the network should be segmented and segregated.

Detections

  • Monitor continuously for indications of exploitation and compromise.
  • Investigate unknown patches and Log4j modifications, as adversaries are known to take advantage of the ongoing vendor-based patch releases and Log4j updates.

Disclaimer:

The complete implementation of the Essential Eight Maturity Model scheme requires a variety of solutions, processes, people, and technologies. The solutions mentioned in our guide are some of the ways in which IT management tools can help with implementing the Essential Eight requirements. Coupled with other appropriate solutions, processes, and people, ManageEngine’s solutions help implement the Essential Eight Maturity Model. This material is provided for informational purposes only, and should not be considered as legal advice for the Essential Eight Maturity Model implementation. ManageEngine makes no warranties, express, implied, or statutory, as to the information in this material.