Australian Signals Directorate Top 4 Mitigations
At least 85% of intrusion techniques that ASD responds to involves adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package
The Strategies to Mitigate Cyber Security Incidents is a document created by the Australian Signals Directorate (ASD). It lists 35 strategies that organisations must implement to reduce the risk of targeted cyber intrusions. The list is informed by ASD’s experience in operational cyber security, including responding to serious cyber incidents and performing vulnerability assessments and penetration testing for Australian Government agencies.
The list is ranked according to each strategy’s effectiveness in preventing targeted cyber intrusions. Control number one is the most effective and control 35 is the least effective.
As a result, there is great emphasis placed on the top 4 strategies in the document. The ASD states “While no single strategy can prevent malicious activity, the effectiveness of implementing the Top 4 Strategies remains very high. At least 85% of intrusion techniques that ASD responds to involves adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package”.
The Top 4 mitigations are currently:
- Use application whitelisting to help prevent malicious software and unapproved programs from running
- Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
- Patch operating system vulnerabilities
- Restrict administrative privileges to operating systems and applications based on user duties
The Top 4 Strategies to Mitigate Targeted Cyber Intrusions are mandatory for Australian Government agencies as of April 2013.
No content in this document implies or infers any endorsement by the Australian Signals Directorate or the Australian Government.