ACSC Essential 8 Compliance Monitoring

ASD and ACSC Essential 8 compliance solution

Do you need to comply with the ACSC Essential 8?

Measure your Essential 8 Maturity and security control effectiveness with Huntsman Security’s Essential 8 Monitoring tools; a simple way to improve your compliance and provide fast, accurate reporting to all key stakeholders.

The Australian Cyber Security Centre’s ACSC  Essential 8  risk management framework is a prioritised list of eight mitigation strategies  (security controls) organisations can implement to protect their systems against a range of adversaries. The Australian Signals Directorate (ASD) found that when operating effectively, the Essential 8 mitigates 85% of targeted cyber-attacks.

Download the Essential 8 Risk & Compliance Guide

 

ACSC Essential Eight Framework April 2020

 

Why should your organisation implement the security controls?

 

Federal Government Mandatory Requirements

The  Essential 8 was published in February 2017; Australian Federal Government had previously mandated the Top 4 of these mitigation strategies for federal government departments back in 2014.  The Top 4 are also mandated by the Attorney-General’s Department’s Protective Security Policy Framework (PSPF).  The Australian Signals Directorate considers the Essential 8 to be the most effective cyber resilience ‘baseline’ for all organisations.

The December 2019 release of the Australian Government Information Security Manual (ISM) states that organisations should:

  • Assess security controls for the system and its environment to determine if they have been implemented correctly and are operating as intended.
  • Monitor the system, and associated cyber threats, security risks and security controls, on an ongoing basis.

The ACSC Essential 8 complements the advice in the ISM.

 

NSW Government Mandatory Requirements

The current NSW Government Cyber Security Policy became effective in February 2019.  The policy (section 1.5) requires, by 31 August each year, that each department submits a report detailing a maturity assessment against the ACSC Essential 8.

How can your organisation measure its compliance to the ACSC Essential 8?

Whether your  operation sits within either a federal or NSW state government organisation you will require monitoring and reporting to assess your  current status and ongoing compliance posture against the Essential 8 risk mitigation strategies.

Huntsman Security’s Essential 8 reporting and compliance solutions, Essential 8 Auditor and Essential 8 Scorecard continuously collect and analyse events from your infrastructure, systems, services and applications to deliver measurement against the ACSC Essential 8 risk mitigation strategies.

 

Essential 8 Auditor

The Essential 8 Auditor executes as cyber risk audit.  The product delivers an immediate view of an organisation’s security control effectiveness against the Essential 8. No onsite engineering is required to install the product.

Essential 8 Auditor product executes a cyber risk audit

Discover more on the Essential 8 Auditor  web page

Essential 8 Scorecard

The Essential 8 Scorecard provides continuous cyber risk measurement by monitoring and reporting on an organisation’s ongoing security control effectiveness either directly or via your IRM platform.

Australian Technology Competition Winner 2019

Essential 8 Scorecard product continuously measures essential 8 security control effectiveness

 Discover more on the Essential 8 Scorecard web page

Why customers use Huntsman Security technology for ACSC Essential 8 monitoring?

 

Flexibility and Visibility

  • Provides an immediate view of your security control effectiveness
  • Operates across cloud, on-premise or hybrid environments
  • Accurate and continuous view of compliance
  • Reliable metrics for governance review

Improves effectiveness of resources

  • Removes unknown of compliance self-assessment and reporting
  • Instantly identifies non-compliance for remediation
  • Saves time, cost and money when compared to a breach

Positions cyber security as a strategic priority

  • E8 mitigation strategies recommended for adoption by all Government
  • E8 monitoring critical to enhancing cyber posture and security awareness
  • E8 is key to defence and resilience that support on-going government service and operations

 

Want to find out more?

Download our Essential 8 Risk & Compliance Guide to discover how to measure the effectiveness of  your organisation’s security controls.

Download the Risk & Compliance Guide

Download Essential 8 Case Study