ACSC Essential Eight

Magnitude 8 works with businesses to protect their critical assets and systems against cyber threats. Attacks are common and can result in the theft or destruction of critical data. Businesses should establish a baseline of essential mitigation strategies to help protect their data and reputation.

The Australian Cyber Security Centre (ACSC) Essential Eight is a list of 8 core strategies that form a baseline to mitigate cyber security incidents. The ACSC advises the government on cybersecurity, the top 4 of these strategies have been mandatory for government agencies since 2014. These strategies are becoming well known in the private sector and many businesses are now protecting themselves by implemented these strategies as a baseline.

We assist business assess their current protection levels and implement the Essential Eight strategies and related technologies. We tell you where the gaps are and provide you with a recommended implementation approach. Our team can fully implement recommended technologies or provide you with guidance and implementation support.



Considered the #1 preventive strategy. Whitelisting only allows known good programs to execute on your computers, malware is prevented from running.  See our whitelisting blog for more information.


Patch Applications

Patching of applications such as web browsers, Java and PDF viewers is often overlooked. Vulnerabilities in these applications are exploited by cyber criminals who use these flaws to attack systems using malicious code.


Microsoft Office macro settings

Macros are commonly used to download malware and infect computers. Macros should be blocked unless they have been checked and are trusted. See our malicious macros blog for more information.


User Application Hardening

Disable high risk and unneeded functionality and components, such as Java on the internet and Microsoft Office Add-Ins.


Restrict Administrative PRIVILEGES

Protect and restrict access to these powerful accounts and keep them safe from adversaries.


Patch Operating systems

Patch vulnerabilities in operating systems that are used to compromise systems.


Multi-Factor Authentication

Protect sensitive systems and data with strong authentication. Ensure that knowledge of a password alone is not enough to compromise a system.


Daily Backups

Ensure you have backups of business data and can recover from a cybersecurity incident such as a ransomware attack.

If you’d like to organise a meeting to find out more and meet our team, please contact us.