The Australian Cyber Security Centre (ACSC)’s Essential Eight framework has the potential to transform Australia into a global leader in cyber security. However, in challenging organisations to develop a more strategic approach to cyber security, it also introduces some new risks to IT environments that enterprises are going to need to grapple with in the coming years.
One of the most prominent of these risks is additional cost. Research by Andrew Milroy at Focus Network found that in 2024, 38 per cent of IT leaders are seeing their cyber security budgets increasing, and according to the Security Leader’s Peer Report by Panaseer, enterprise security teams use an average of 76 security tools. Meanwhile, most companies in Australia sit somewhere between stage one (“focus on prevention alone”) and stage two (“limited access management and visibility across the network”) of the four-stage pathway to cyber security maturity, according to Milroy’s research.
Based on this, there is the real risk that the number of tools being deployed will proliferate in efforts to increase cyber security maturity. With that comes additional complexity (at a time where Australia has a historic shortage of cyber security talent) and inefficiencies in the technology environment (resulting in additional costs).
Enterprises need to be strategic about meeting the Essential Eight framework and accelerating towards cyber security maturity.
It begins by understanding that Essential Eight compliance needs to be about more than a simple checkbox-ticking process or compliance-as-a-strategy. One key example of this is around access and identity management. Several of the Essential Eight requirements essentially mandate that organisations adopt a zero-trust approach to identity, with a particular focus on least privilege.
However, rather than simply adopting a minimum effort approach to these aspects of the Essential Eight, an organisation can look towards leveraging privileged access management (PAM) to drive towards better visibility and understanding across the IT environment. It can also facilitate secure remote access to networks and management while meeting compliance requirements, and scale efficiently with a much more streamlined approach to adding and managing new users.
And so, in addressing the Essential Eight mandates via alignment with zero trust, the CISO and CIO can also use this as an opportunity to deliver enhanced value in what the IT environment can deliver to the business as well as get ahead of future compliance requirements.
Avoiding The Need For Vendor Consolidation In The Future
PwC research suggests that Australian organisations are more confident than the global average that they have the “right number of cyber security technology solutions.” However, organisations are also low on the maturity scale. As efforts to mature the cyber security environment continue, a lack of strategic vision could result in a rapidly proliferating environment which could then become costly and inefficient to unravel and wind back.
Adopting a platform approach to cyber security, where a single vendor can address multiple areas of the Essential Eight, will help avoid the need for a vendor consolidation transformation project down the track. The benefits can also go beyond that.
By finding the right platform, an organisation can, firstly, achieve a centralised view over key parts of their security environment, making management a less resource-intensive process, and reducing the potential for gaps in the security coverage. For example, a solution that can provide coverage across Application Control, Restricting Administrator Privileges and User Application Hardening that may also provide compensating controls across a number of the other Essential Eight strategies.
That brings a better understanding of the total cost of cyber security to the organisation, and can facilitate decisions to improve cost efficiency, too.
Maintaining a narrower range of vendors and security platforms can result in faster incident response, too. This is both a key objective of the Essential Eight and the government’s overall cyber security strategy and, simply, good business practice in minimising the cost of threats and breaches. With identity at the heart of many data breaches and security incidents, having all identity security data and tools integrated into a single platform allows security teams to quickly correlate information, assess the scope of an incident, and initiate a coordinated response. Automated workflows and playbooks further expedite the response process, minimising the potential damage from security breaches.
Finally, a platform approach to cyber security means greater agility. Platforms are generally developed to integrate seamlessly with existing tools, such as Microsoft controls, and the right platform vendor means support and updates, ensuring that the latest threat intelligence and security technologies are incorporated into the platform. This continuous evolution helps organisations stay ahead of emerging threats and maintain a robust security posture on an ongoing basis.
The Essential Eight has challenged many enterprises to move up the cyber security maturity model quickly, as a point of compliance. Those that limit themselves to that will find that while they meet the minimum requirements, their cyber security environment will be an even greater sunken cost than previously.
Meanwhile, those organisations that look at the Essential Eight as an opportunity to embrace a holistic and strategic approach to cyber security will not only continue to be compliant, but will also have a strategic asset that adds ongoing value to the whole organisation.
.jpg&h=140&w=231&c=1&s=0)
_page-0001_(1).jpg&w=100&c=1&s=0)
Integrate
