The Strategies to Mitigate Cyber Security Incidents is a document created by the Australian Signals Directorate (ASD). It lists 37 strategies that Australian Government Agencies must or should implement, and that other organisations should implement, to reduce the risk of targeted cyber intrusions. The list is informed by ASD’s experience in operational cyber security, including responding to serious cyber incidents and performing vulnerability assessments and penetration testing for Australian Government Agencies.
The list is ranked according to each strategy’s effectiveness in preventing targeted cyber intrusions. Control number one is the most effective and control 35 is the least effective.
As a result, the document places great emphasis on the Top 4 strategies. The ASD states: “While no single strategy can prevent malicious activity, the effectiveness of implementing the Top 4 Strategies remains very high. At least 85% of intrusion techniques that ASD responds to involves adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package”. For this reason, the Top 4 strategies are required in Australian government agencies.
The Top 4 mitigations are currently:
- Use application whitelisting to help prevent malicious software and unapproved programs from running
- Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
- Patch operating system vulnerabilities
- Restrict administrative privileges to operating systems and applications based on user duties
The Top 4 Strategies to Mitigate Targeted Cyber Intrusions are mandatory for Australian Government agencies.