I Need To...

Comply with the Australian Cyber Security Centre’s (ACSC) Essential 8 Cybersecurity Controls

woman looking at laptop

Implement the Essential 8

Reduce cyber security risks by 85% when you adopt the "Essential Eight" recommended requirements of the ACSC.

Learn more

The Department of Transport achieves compliance

Read a full case study on how the ACSC Essential 8 cybersecurity controls were achieved.

Read Case Study

What Are the Essential 8? Can I get Level 3 Maturity?

Learn what the Essential 8 are, why they matter to your organisation and how Ivanti’s solutions can help your business achieve compliance.

Download Whitepaper

What are the ACSC Essential 8?

The ACSC Essential 8, (expanded version of ASD Top 4) is a list of eight mitigation strategies for businesses and large organisations to prevent cyber security incidents. The Australian Signals Directorate (ASD), in agreement with the Australian Cyber Security Centre (ACSC) has developed the Essential 8 strategies to improve security controls, protect organisations’ computing resources and systems and keep data secure against cyber security threats.

Essential 8 Compliance With Less Vendors

While mandatory for government agencies to an advanced maturity level 3, organisations in the private sector are increasingly looking to the ACSC Essential 8 as best practices to secure their environments and mitigate cyber security incidents. Among the most effective security measures available, implementing whitelisting, patching and restricting administrative privileges will help protect your organisation from 85% of the intrusion techniques to which the ACSC responds. Mitigate risk, reduce threat vectors, and improve remediation and recovery.

Strengthen security with multiple layers of defence

Cyber threats pose many challenges, and there’s no silver bullet to combat them. But you can radically improve your security with a multi-layered approach.

Discovery and inventory

ACSC recommends you understand your hardware & software assets before starting Essential 8.

Application Control

Application Whitelisting to allow only trusted sources and known authorised software to run and protect against ransomware & malware.

Patch the OS

Keep desktop and server, Windows and Linux platforms up to date.

Patch 3rd party applications

Automate updates and deploy patches to 3rd party applications which account for 86% of vulnerabilities

Privilege management

Implement a least privilege model to protect and limit lateral movement. Remove full admin rights to servers and define who can use specific devices and applications.

Harden applications

Control how applications are configured and interact with the system and user environment.

Manage macros

Secure use of macros and what they can do.

Multi factor authentication

Implement a Zero Sign on experience to remove passwords.

Compliance you can prove

Understand the threat posture of your organization with reporting in real time.

You can also check the Australian Government Information Security Manual (ISM) which includes more information on the Essential 8 mitigation strategies and how to implement them.