Looking to achieve DISP accreditation?
Huntsman Security’s Essential 8 solutions support DISP accreditation, as they provide visibility of an organisation’s alignment to the Essential Eight (incorporating the Top 4) security controls, including areas of non-compliance, performance metrics and cyber maturity scores.
Essential 8 Auditor – Summary Dashboard
The Australian Government’s Defence Industry Security Program (DISP) is a risk management and assurance program that enables industry partners to understand and meet their security obligations when engaging in Defence projects and tenders. DISP operates using the Defence Security Principles Framework (DSPF), which aligns with the Commonwealth’s Protective Security Policy Framework (PSPF). The Top 4 of the ACSC Essential Eight controls are mandated by the PSPF.
The PSPF includes four outcomes:
- Governance – Each entity manages security risks and supports a positive security culture in an appropriately mature manner ensuring: clear lines of accountability, sound planning, investigation and response, assurance and review processes, and proportionate reporting.
- Information security – Each entity maintains the confidentiality, integrity and availability of all official information.
- Personnel security – Each entity ensures its employees and contractors are suitable to access Australian Government resources, and meet an appropriate standard of integrity and honesty.
- Physical security – Each entity provides a safe and secure physical environment for their people, information and assets.
PSPF core requirements for information security
The PSPF has a number of information security requirements. The table below is an excerpt from the Government’s PSPF web page: https://www.protectivesecurity.gov.au/information/Pages/default.aspx
Core requirements for information security
Sensitive and classified information
Each entity must:
Access to information
Each entity must enable appropriate access to official information. This includes:
Safeguarding information from cyber threats
Each entity must mitigate common and emerging cyber threats by:
Robust ICT systems
Each entity must have in place security measures during all stages of ICT systems development. This includes certifying and accrediting ICT systems in accordance with the Information Security Manual when implemented into the operational environment.
How Huntsman Security solutions can help
Huntsman Security’s Essential 8 reporting and compliance solutions support DISP accreditation. The Essential 8 Auditor and Essential 8 Scorecard systematically collect and analyse events from your infrastructure, systems, services and applications to deliver comprehensive measurement against the ACSC Essential Eight mitigation strategies, including the Top 4: application whitelisting (application control), patch applications, restrict administrative privileges and patch operating systems.
Essential 8 Auditor
The Essential 8 Auditor executes an Essential Eight audit. The product delivers a point-in-time view of an organisation’s security control effectiveness against the Essential Eight. It is self-install, and can be implemented and operated by IT staff. Results are exportable for sharing with security team colleagues, for inclusion in self-assessments or for distribution to a wider business audience locally or remotely.
Essential 8 Scorecard
The Essential 8 Scorecard continuously monitors an environment to provide ongoing visibility of Essential Eight security control effectiveness. This enables an organisation to track performance and compare performance across domains, business units and organisations.
Find out more
To arrange a product demonstration or discuss how you can measure the implementation and maintenance of the Essential Eight security controls in your organisation, contact us today.