Identify your ACSC Essential 8 compliance and maturity
Measure your ACSC Essential 8 compliance. Huntsman Security’s Essential 8 Monitoring tools accurately measures security control effectiveness and maturity levels against the Essential 8 Maturity Model ; a fast, simple way to improve compliance, provide visibility and share reports with all key stakeholders.
Essential 8 Auditor – Security Control Summary Dashboard
The Australian Cyber Security Centre’s ACSC Essential 8 risk management framework is a prioritised list of eight mitigation strategies (security controls) organisations can implement to protect their systems against a range of adversaries. The Australian Signals Directorate (ASD) found that when operating effectively, the Essential 8 mitigates 85% of targeted cyber-attacks.
Download the Essential 8 Risk & Compliance Guide
Why should your organisation implement the security controls?
Federal Government Mandatory Requirements
The Essential 8 was published in February 2017; Australian Federal Government had previously mandated the Top 4 of these mitigation strategies for federal government departments back in 2014. The Top 4 are also mandated by the Attorney-General’s Department’s Protective Security Policy Framework (PSPF). The Australian Signals Directorate considers the Essential 8 to be the most effective cyber resilience ‘baseline’ for all organisations.
The December 2019 release of the Australian Government Information Security Manual (ISM) states that organisations should:
- Assess security controls for the system and its environment to determine if they have been implemented correctly and are operating as intended.
- Monitor the system, and associated cyber threats, security risks and security controls, on an ongoing basis.
The ACSC Essential 8 complements the advice in the ISM. The ACSC Advisory 2020-008 states that two of the Essential Eight controls which, if implemented, would have greatly reduced the risk of compromise by the identified TTPs.
NSW Government Mandatory Requirements
The current NSW Government Cyber Security Policy became effective in February 2019. The policy (section 1.5) requires, by 31 August each year, that each department submits a report detailing a maturity assessment against the ACSC Essential 8.
How to measure your organisation’s compliance to the ACSC Essential 8?
Whether your operation sits within either a federal or NSW state government organisation you will require monitoring and reporting to assess your current status and ongoing compliance posture against the Essential 8 risk mitigation strategies.
Huntsman Security’s Essential 8 reporting and compliance solutions, Essential 8 Auditor and Essential 8 Scorecard continuously collect and analyse events from your infrastructure, systems, services and applications to deliver measurement against the ACSC Essential 8 risk mitigation strategies.
Essential 8 Auditor
The Essential 8 Auditor executes as cyber risk audit. The product delivers an immediate view of an organisation’s security control effectiveness against the Essential 8. No onsite engineering is required to install the product.
Discover more on the Essential 8 Auditor web page
Essential 8 Scorecard
The Essential 8 Scorecard provides continuous cyber risk measurement by monitoring and reporting on an organisation’s ongoing security control effectiveness either directly or via your IRM platform.
Discover more on the Essential 8 Scorecard web page
Why customers use Huntsman Security technology for ACSC Essential 8 monitoring
Flexibility and Visibility
- Provides an immediate view of your security control effectiveness
- Operates across cloud, on-premise or hybrid environments
- Accurate and continuous view of compliance
- Reliable metrics for governance review
Improves effectiveness of resources
- Removes unknown of compliance self-assessment and reporting
- Instantly identifies non-compliance for remediation
- Saves time, cost and money when compared to a breach
Positions cyber security as a strategic priority
- E8 mitigation strategies recommended for adoption by all Government
- E8 monitoring critical to enhancing cyber posture and security awareness
- E8 is key to defence and resilience that support on-going government service and operations
Want to find out more?
Download our Essential 8 Risk & Compliance Guide to discover how to measure the effectiveness of your organisation’s security controls.