Press release
For the very first time in Australia, The Missing Link is offering the ASD’s Top 4 Strategies to Mitigate Targeted Cyber Intrusions as a managed service. Since 2013 it has been mandatory for all government agencies to implement all four top mitigation strategies but they have never before been offered as a packaged managed service.
Aaron Bailey, Security Director at The Missing Link said, “While a large part of our mission is to investigate the latest threats and technologies to combat them, we see time and time again during security consulting engagements that organisations are still struggling to implement the basics of patching and the appropriate use of privilege. We have aligned with the ASDs views since our inception and we decided to make a difference to our clients’ actual security posture by taking the difficulty of implementing and maintaining the ASD Top 4 off their hands.”
The list of Strategies to Mitigate Cyber Security Incidents is published by the Australian Signals Directorate. It is typically reviewed annually and is informed by the ASD’s experience in operational cyber security including responding to serious cyber intrusions and performing vulnerability assessments and penetration testing for Australian government agencies. No activity alone can prevent all malicious activity but the top four strategies have been indicated by the ASD as being able to mitigate at least 85% of the cyber intrusions they respond too.
The most recent update was released this week, 6 February 2017. The Top 4 strategies currently mandatory to Australian Government under the Protective Security Policy Framework (PSPF) remain unchanged, however, now the ASD have elevated another 4 strategies to a relative security effectiveness rating of ‘Essential’ and combined these are dubbed the ‘Essential Eight’. The Missing Link has the expertise and experience to consult with any business looking to adopt the essential eight and have already developed a managed service offering to cover all of these as an extension to our ASD 4 as a Service offering.
Aaron Bailey has this to say on the vendor selection and implementation, “Many of the whitepapers and publications from the ASD talk about predominantly Microsoft tools for managing the Microsoft endpoint fleet (such as SCCM and AppLocker by way of example). We wanted to take the ASD Top 4 strategies and ensure that we could utilise this across a heterogeneous environment including Microsoft, Apple, Unix and others. As such we thought it important to scour the market for the leading enterprise class vendors in their space and we constructed an integrated ASD Top 4 solution set that any of the largest organisations would be happy to implement. Many of the largest Australian organisations have chosen some of the vendors that we settled on, and either have already implemented them or are working to implement them. From our observations though we see them implementing these in isolation and not as an integrated and highly automated solution as we have constructed.”
Australian businesses that adopt all four strategies will take their current infrastructure and security posture to the next level. Whilst it is most effective to implement all four top strategies, the service is offered modularly, giving businesses the choice to only implement some or part of the strategies to compliment already existing technologies that may be in place.
“It's been a long hard road to develop this offering and I'm genuinely excited about helping Australian government and commercial organisations to enjoy better security and peace of mind. We believe that we are the first to market with such a packaged offering and we are working hard to ensure that it is continuously reviewed and modified as both vendor solutions mature and as the ASD review and revise their list of Strategies to Mitigate Cyber Security Incidents”, Aaron Bailey.
