The ASD Essential 8 prioritises strategies considered to be the most effective cybersecurity ‘baseline’ for Australian businesses and public sector organisations.
The advancement of digitalisation has been a key driver towards organisational efficiency. The scale in which cyber operates has conversely led to rapid increases in both the volume and sophistication of cyberattacks.
As a key element of critical infrastructure, government and public sector organisations are a primary target for cyber criminals. Adversaries are continuously exploiting weaknesses in IT security and information management systems through practices such as targeted phishing emails and ransomware attacks.
What is the ASD Essential 8?
The Australian Cyber Security Centre (ACSC) based within the Australian Signals Directorate (ASD) has developed prioritised mitigation strategies, in the form of the Strategies to Mitigate Cyber Security Incidents, to help organisations protect themselves against various cyber threats. The most effective of these mitigation strategies are the Essential Eight.
All organisations, public and private in Australia are encouraged to implement Essential 8. For NSW Government agencies, implementing Essential 8 is a policy imperative. Under the NSW Cyber Security Policy (CSP), each agency must implement Essential 8 as well as annually report a maturity assessment against Essential 8.
Created in February 2017, the Australian Signals Directorate (ASD) found that when operating effectively, the Essential 8 mitigates 85% of targeted cyber-attacks. Marsh’s ASD Essential 8 Assessment can help you achieve and improve your Essential 8 compliance.
How it works
Marsh’s ASD Essential 8 Assessment can help you achieve and improve your Essential 8 compliance and is delivered in four steps:
- Marsh Cyber Advisory provide a self-assessment survey on the different maturity levels of the Essential 8 controls. Our Cyber Consultants conduct workshops with you, in order to respond and validate as accurately as possible. All evidence is reviewed to determine the extent of controls implemented.
- With the captured responses a score is assigned and mapped to an ASD Essential 8 maturity level. Once all the responses are collated an overall maturity level is established.
- Control gaps are then identified and recommendations provided to uplift to a baseline.
- All the information is pulled together into a report and presented to stakeholders.
In addition to this report our team are also able support in implementation of additional controls, if required.
Minimise cyber risk and exposure
By undertaking this assessment your organisation will not only validate your current cyber security practices and identify any potential gaps, it will also uplift your cyber maturity posture in line with Australian government guidance – minimising your cyber risk and likelihood of exposure.
FAQs
Why Marsh
As experts in enterprise and cyber risk, we help you take an enterprise wide, scalable approach in building your cyber resilience.
Together, we identify your risks, and develop a best-for-you program and team of partners to help manage it.
Informing your approach and decision-making process with our 25 years of cyber expertise and data driven insight. So that your path to cyber resilience is more productive and predictive; and your outcomes are more efficient and effective.
This publication is not intended to be taken as advice regarding any individual situation and should not be relied upon as such. The information contained herein is based on sources we believe reliable, but we make no representation or warranty as to its accuracy. Marsh shall have no obligation to update this publication and shall have no liability to you or any other party arising out of this publication or any matter contained herein. LCPA 23/167.