What is the Essential Eight (And Why Non-Aussies Should Care)

2022-06-14 07:51

The Essential Eight is essentially a cyber security framework that is made up of objectives and controls.

The Essential Eight is "Based on the ACSC's experience in producing cyber threat intelligence, responding to cyber security incidents, conducting penetration testing and assisting organizations to implement the Essential Eight".

Another reason for those outside of Australia to pay attention to the Essential Eight is because most developed nations have cyber security regulations that closely mimic the Essential Eight.

The Essential Eight are divided into four maturity levels, with Maturity Level 0 indicating that the organization is not at all secure.

The Patch Applications objective states that patches for vulnerabilities in Internet facing services should be patched within two weeks, unless an exploit exists, in which case patches should be applied within 48 hours of becoming available.

These patches normally arrive on "Patch Tuesday", but out of band patches are sometimes deployed when serious vulnerabilities are being patched.

News URL

https://thehackernews.com/2022/06/what-is-essential-eight-and-why-non.html