Back to Cyber Security

The Essential Eight Framework

Mastering the Australian Cyber Security Centre's baseline for cyber resilience.

What is the Essential Eight?

The Essential Eight is a set of baseline mitigation strategies developed by the Australian Cyber Security Centre (ACSC). It is widely regarded as one of the most effective frameworks for protecting organisations against a wide range of cyber threats, including ransomware and targeted intrusions. The strategies are designed to be practical, actionable, and scalable for businesses of all sizes.

Implementing the Essential Eight is not just about compliance; it's about building a robust defensive posture that makes it significantly harder for adversaries to compromise your systems.

The Eight Mitigation Strategies

The framework is divided into three key areas to help prevent, limit, and recover from cybersecurity incidents:

  • Application Control: Preventing the execution of unapproved or malicious programs.
  • Patch Applications: Remediating security vulnerabilities in applications in a timely manner.
  • Configure Microsoft Office Macro Settings: Blocking macros from the internet and vetting those that are permitted.
  • User Application Hardening: Configuring web browsers and other applications to block or manage high-risk content.
  • Restrict Administrative Privileges: Limiting powerful access to only those who truly need it, reducing the impact of a potential compromise.
  • Patch Operating Systems: Applying security patches to operating systems to close known vulnerabilities.
  • Multi-factor Authentication (MFA): Requiring more than just a password to verify a user's identity, making it much harder for unauthorised access.
  • Regular Backups: Ensuring reliable and comprehensive backups of important data are regularly made and tested for recovery.

How We Help You Achieve Compliance

Portal Technology provides end-to-end guidance and implementation for the Essential Eight. Our process includes:

  • Maturity Assessment: We assess your current environment against the three maturity levels of the Essential Eight to identify gaps.
  • Strategic Roadmap: We develop a clear, prioritised plan to implement the necessary controls with minimal disruption to your business.
  • Implementation & Hardening: Our expert team deploys and configures the required technical controls across your systems and applications.
  • Ongoing Management & Reporting: We provide continuous monitoring and management to ensure you maintain your desired maturity level, providing you with the reporting you need to demonstrate compliance.