Australian Signals Directorate Top 4 Mitigations

At least 85% of intrusion techniques that ASD responds to involves adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package

Australian Signals Directorate, 2011

Strategies to Mitigate Cyber Security Incidents is a document created by the Australian Signals Directorate (ASD). It lists 35 strategies that organisations must implement to reduce the risk of targeted cyber intrusions. The list is informed by ASD's experience in operational cyber security, including responding to serious cyber incidents and performing vulnerability assessments and penetration testing for Australian Government agencies.

The list is ranked according to each strategy's effectiveness in preventing targeted cyber intrusions: control number one is the most effective and control 35 is the least effective.

As a result, the document places great emphasis on the Top 4 strategies. The ASD states: “While no single strategy can prevent malicious activity, the effectiveness of implementing the Top 4 Strategies remains very high. At least 85% of intrusion techniques that ASD responds to involves adversaries using unsophisticated techniques that would have been mitigated by implementing the Top 4 mitigation strategies as a package.”

The Top 4 mitigations are currently:

  1. Use application whitelisting to help prevent malicious software and unapproved programs from running
  2. Patch applications such as Java, PDF viewers, Flash, web browsers and Microsoft Office
  3. Patch operating system vulnerabilities
  4. Restrict administrative privileges to operating systems and applications based on user duties

The Top 4 Strategies to Mitigate Targeted Cyber Intrusions are mandatory for Australian Government agencies as of April 2013.

Products in our portfolio which address the top four strategies to mitigate cyber security incidents

Airlock Digital (#1 – Application whitelisting)

Flexera Corporate Software Inspector (#2 & 3 – Application patching)

Thycotic Secret Server (#4 – Administrative Privilege Control)

No content in this document implies or infers any endorsement by the Australian Signals Directorate or the Australian Government.