The Essential Eight Maturity Model is Australia’s leading framework for how organisations should manage their cybersecurity. It’s a straightforward but difficult-to-implement model. Yet, it’s still worth it because it’ll significantly improve your organisation’s security posture.
You’ll learn exactly how through the following case study of an Australian engineering business.
Case Study
EngiTech is a small-to-medium-sized Australian engineering company that transformed its cybersecurity infrastructure. They started by recognising the importance of the Australian Cyber Security Centre’s (ACSC) Essential Eight Maturity Model.
The company’s goal wasn’t just to improve its digital infrastructure. They also wanted to become a secure partner for government contracts. And they achieved this.
We’ll delve into the challenges and successes EngiTech experienced in achieving the Essential Eight Maturity Model.
Background
EngiTech is a 150-employee-strong engineering company in a technologically advanced sector. They serve both other private firms and government agencies. With ambitions to receive government tenders, EngiTech realised they’d have to adhere to strict cybersecurity standards.
So, they turned to the Australian Cyber Security Centre’s (ACSC) Essential Eight Maturity Model. This was no easy model to implement since EngiTech has a complex working environment that involves offshore employees and frequent international travel.
This case study explores EngiTech’s journey into adopting the Essential Eight model and becoming eligible for government contracts.
The Essential Eight: A Brief Overview
The ACSC developed the Essential Eight as a framework to help organisations improve their defence against cyber threats. This framework has three objectives: preventing, limiting, and recovering from attacks.
Here are the eight strategies it includes.
Strategy 1: Application Whitelisting:
Application whitelisting is when only approved applications can run on your computers. It reduces the risk of malware by preventing unauthorised execution of potentially malicious software.
You’ll perform application whitelisting by only approving applications that are integral to your organisation’s workflow.
Strategy 2: Patch Applications
This strategy involves regularly installing updates and applying security patches so that your applications stay current and potential vulnerabilities are removed.
You can follow this strategy by automatically downloading the latest patches for your applications.
Strategy 3: Configure Microsoft Office Macro Settings:
Configuring your Microsoft Office macro settings aims to stop macros that arrive from the web from running. This includes disabling macros in Microsoft Office files that come from the internet, which protects you against macro-based malware.
The goal is to only allow macros from trusted sources.
Strategy 4: User Application Hardening:
User application hardening involves configuring web browsers and email clients with additional layers of security to prevent hacking. The goal is to minimise potential vulnerabilities by configuring your internet-facing applications so that they give an attacker as little access as possible.
Strategy 5: Configure Microsoft Office Trust Settings:
Configure your Microsoft Office trust settings to only allow trusted macros to run in your Microsoft Office files. You want to prevent harmful macros from being executed. This way, you’ll further prevent malicious code execution.
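A check for the macro settings described in Strategy 3 and Strategy 5, as an added example that is not part of the original article or EngiTech's own tooling: it reads the Office macro policy values for the current user and flags any application where macros from the internet are not blocked or untrusted macros are still allowed. It assumes the Office 16.0 policy hive (Office 2016 and later), per-user policy delivery, and that VBAWarnings values 3 and 4 satisfy the "trusted macros only" goal.

```powershell
# Added example: audit Office macro policy values for the current user.
# Assumption: Office 2016/2019/365, whose policies live under the "16.0" hive.
$apps = 'Word', 'Excel', 'PowerPoint'
$base = 'HKCU:\Software\Policies\Microsoft\Office\16.0'

# VBAWarnings: 1 = enable all macros, 2 = disable with notification,
# 3 = disable all except digitally signed, 4 = disable all without notification.
# Assumption for this example: only 3 and 4 count as "trusted macros only".
$acceptableVbaWarnings = 3, 4

function Get-PolicyValue {
    param([string]$Path, [string]$Name)
    # Returns $null when the key or value is absent (policy not configured).
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($null -eq $item) { return $null }
    return $item.$Name
}

$results = foreach ($app in $apps) {
    $key = Join-Path $base "$app\Security"
    $blockInternet = Get-PolicyValue -Path $key -Name 'blockcontentexecutionfrominternet'
    $vbaWarnings   = Get-PolicyValue -Path $key -Name 'vbawarnings'

    [pscustomobject]@{
        Application         = $app
        BlockInternetMacros = $blockInternet
        VBAWarnings         = $vbaWarnings
        # An unset policy ($null) is treated as non-compliant, not as a pass.
        InternetMacrosOK    = ($blockInternet -eq 1)
        TrustedOnlyOK       = ($acceptableVbaWarnings -contains $vbaWarnings)
    }
}

$results | Format-Table -AutoSize

# Exit non-zero so a management tool can report the device as non-compliant.
$failed = @($results | Where-Object { -not ($_.InternetMacrosOK -and $_.TrustedOnlyOK) })
if ($failed.Count -gt 0) {
    Write-Warning ("Macro policy not enforced for: " + ($failed.Application -join ', '))
    exit 1
}
```

Run it in the signed-in user's context, because these policy values are stored per user.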
Strategy 6: Use Multi-Factor Authentication (MFA):
Multi-factor authentication (MFA) is when you require multiple forms of verification to authenticate a user. MFA adds an additional layer of security that reduces potential unauthorised access.
Suppose a hacker gains access to your email and tries to log into your systems. Under MFA, they’d still need access to your phone to log in.
Strategy 7: Patch Operating Systems:
Regularly apply security patches and updates to remove vulnerabilities in your operating system. This strategy aims to minimise the effectiveness of attacks against your operating system.
Follow this strategy by automatically downloading the latest security patches for your operating system.
Strategy 8: Daily Backups:
This strategy aims to minimise the damage after successful attacks against you. Regularly backing up your data ensures you can quickly recover following data loss or system compromise.
Ideally, you should back up your data in cloud-based servers.
EngiTech’s Implementation Journey
These are the six steps EngiTech took to implement the Essential 8 in their organisation.
Step 1: Initial Assessment and Planning:
EngiTech started its Essential Eight journey by evaluating its existing cyber defences. Specifically, they analysed their defences against the Essential Eight standards. This step included a detailed audit of the following:
- Vulnerability detection ability
- Device management protocols
- Internet security infrastructure
This assessment revealed their existing weaknesses. For example, EngiTech had outdated device configurations and gaps in its vulnerability detection.
This step was the foundation of building a tailored cybersecurity solution for them.
Step 2: Upgrading Microsoft 365 Licensing for Enhanced Device Management:
EngiTech upgraded its Microsoft 365 licensing to integrate advanced Intune management. This allowed them to exercise strict control of their employees’ devices no matter their location.
This enhanced licensing allowed EngiTech to:
- Enforce strict security policies
- Remotely delete data from compromised devices
- Ensure remote and in-office workers meet the same security standards
Step 3: Implementing Vulnerability Scanning:
EngiTech integrated a comprehensive vulnerability scanning system that provided better coverage than conventional systems. Their comprehensive system allowed the company to thoroughly scan all integral applications.
These regular scans detected local threats and actively discovered emerging threats. EngiTech also substantially reduced opportunities for potential attacks by applying the latest security patches and updates.
Step 4: Enhancing Internet Security with Firewall Web Blocking:
EngiTech improved its online security defences by building a robust firewall web-blocking system. They designed this advanced security measure to proactively prevent employees from accessing known malicious websites.
They used threat intelligence and real-time analysis to fortify their cyber defences from evolving threats. This step was especially important for remote employees who access the internet from diverse global locations.
Step 4 was also crucial for protecting EngiTech’s sensitive data from unauthorised access.
Step 5: Staff Training and Awareness:
EngiTech’s cybersecurity commitment extended beyond technology to include the human element. They invested in staff training and awareness programs to prevent social engineering attacks. The programs extended across diverse locations and work environments.
These programs educated staff to recognise and handle cyber threats. EngiTech also taught their employees about safe online behaviour. Their goal was to build a cybersecurity-conscious work culture.
Doing so would reduce potential risks by creating an additional layer of security in the form of educated employees.
Step 6: Continuous Monitoring and Improvement:
After implementing the previous five steps, EngiTech chose to continuously monitor and improve its cybersecurity practices. This involves regularly reviewing their cyber defences against a changing threat landscape.
EngiTech continuously monitors and improves its cybersecurity through the following:
- Threat intelligence feeds
- Penetration testing
- Incident response simulations
This iterative process ensures the organisation is agile and responsive to new threats. EngiTech recognised the importance of proactivity because of how rapidly new cybersecurity threats emerge.
Challenges and Solutions
These are the two major challenges EngiTech experienced and how they solved them.
1. Ensuring Consistent Cybersecurity Practices Across Diverse Locations:
EngiTech had to ensure consistent adherence to its new cybersecurity practices across its global workforce. The challenge came from diverse time zones and locations, increasing the risk of inconsistent adherence.
EngiTech’s solution was to implement standardised cybersecurity protocols that could be uniformly measured across locations.
These protocols included cloud-based management tools to provide centralised control for real-time policy adjustments across locations.
This multi-faceted approach established a clear security baseline that all locations could be judged against. That way, they’d ensure all locations would adhere to the same minimum standards.
EngiTech successfully integrated standardised protocols and cloud-based management to create a consistently secure digital environment for its workforce.
2. Balancing Security Needs with Operational Efficiency:
The second challenge was maintaining a balance between security needs and operational efficiency.
EngiTech recognised that an overly restrictive security approach would negatively impact employee performance. Conversely, a lax security approach would be ineffective. So they’d have to strike a careful balance to maximise productivity and security.
EngiTech resolved this challenge by adopting a nuanced approach. They prioritised security measures that provided the most protection with minimal disruption. They did so by carefully evaluating which security tools would seamlessly integrate into their existing workflows.
This approach provided EngiTech with the highest level of security with the least impact on their productivity.
Outcomes and Benefits
These are the outcomes and benefits of EngiTech’s Essential 8 Journey.
1. Enhanced Cybersecurity Posture:
Successfully adopting the Essential Eight strategies markedly improved EngiTech’s cybersecurity posture. Adopting strategies like application whitelisting, vulnerability scanning, and staff training built a sophisticated cyber defence system.
Their improved cybersecurity system protects sensitive data and improves client and stakeholder confidence. This improved confidence translates to an increased likelihood of them winning contracts.
2. Competitive Advantage in the Government Sector:
Compliance with the Essential Eight principles gives EngiTech a competitive advantage in the government sector.
Adopting the Essential Eight strategies lets EngiTech meet strict government requirements. They also improved their reputation as a trusted and reliable partner. This new status lets them access lucrative new opportunities with the Australian government.
EngiTech is a small-to-medium-sized engineering firm that adopted the Essential 8 Maturity Model to compete better for government contracts. Their journey involved adopting measures ranging from application whitelisting to staff training.
The result is that they’ve become a more digitally secure and competitive corporation. Consider investing in the Essential Eight model to improve your own organisation’s cybersecurity. And if you’d like help, contact PowerbITs for a free consultation today.