
    Australia directs businesses to apply critical security patches faster


    Australia has updated its cyber risk mitigation guidelines for organizations, with changes including timelines for applying critical patches and limits on administrator privileges.

    According to the Australian Signals Directorate (ASD), the model was first introduced in June 2017 to guide businesses in protecting internet-connected IT networks from common cyber threats. The latest changes are part of an annual update of the maturity model, ASD said. This update is based on insights from threat intelligence and penetration testing, evaluation of Essential Eight implementation, and feedback from local and global public and private sectors.


    The latest revisions also include the adoption of “phishing-resistant” multi-factor authentication, cloud service management, and incident detection and response for internet-connected infrastructure, ASD said. The intelligence agency sits within the federal government’s Department of Defense, oversees information security, and provides signals intelligence related to the nation’s telecommunications, data, and communications networks.

    The Essential Eight Maturity Model provides a baseline designed to make it more difficult for attackers to compromise systems. The model covers eight key areas, including application control, Microsoft Office macro restrictions, and user application hardening.

    The latest update puts more emphasis on higher-priority patching instances, ASD said, adding that this was done based on an assessment of the average time it takes a malicious attacker to exploit a vulnerability.

    If a vendor assesses a vulnerability as being of a critical nature (such as the ability to bypass authentication for privileged access or remotely execute code without user interaction), the organization must patch or mitigate the vulnerability within 48 hours. ASD says the changes apply to maturity levels 1 through 3.

    In the Essential Eight model, maturity level 1 typically applies to small and medium-sized businesses, and level 2 is appropriate for large enterprises. Maturity level 3 is intended for critical infrastructure providers and organizations operating in high-threat environments.


    The emphasis is on “providing prioritized patching guidance to patch applications that routinely interact with untrusted content from the internet, including office productivity suites, web browsers, email clients, PDF software, and security software.”

    As a result, the patching timeframe for such applications has been reduced from less than a month to less than two weeks. Vulnerability scanning activity for these applications was also updated from at least biweekly to at least weekly, the agency said. This change affects companies with Level 1 maturity.

    To help businesses adapt to these changes, the window for patching operating systems on non-critical devices, such as workstations and non-internet-facing servers, has been extended from two weeks to one month. Vulnerability scanning activities for such devices have also been revised from at least weekly to at least biweekly. This change affects companies at maturity levels 2 and 3.

    Additionally, various requirements have been applied to address the absence of governance processes related to granting and controlling privileged access to data repositories.


    “The requirements that prevent privileged accounts from accessing the internet have been carefully modified to support the management of cloud services,” ASD said. “Such accounts must be clearly identified and strictly limited to the necessary access and obligations.”

    This change affects companies in maturity levels 1 through 3.

    For example, under Administrative Privilege Restrictions, companies at Level 2 maturity must add requirements to validate initial requests for privileged access to data repositories. Additionally, privileged access to data repositories must be revoked after 12 months unless revalidated.
