SecurityCenter Continuous View and the Australian Signals Directorate’s Strategies to Mitigate Targeted Cyber Intrusions
In February 2014, the Australian Signals Directorate (ASD, formerly DSD) updated the publication Strategies to Mitigate Targeted Cyber Intrusions. The publication contains a list of 35 strategies to mitigate targeted cyber intrusions, ranked in order of overall effectiveness. According to ASD, over 85% of the cyber intrusions that ASD responds to could be prevented by following the top four mitigation strategies on the list.
The threat of targeted cyber intrusion has reached an all-time high and by implementing these mitigations, an organisation can reduce the impact to Australia’s economic well-being and thereby to all Australian citizens. A finite number of resources are available to organisations, thus requiring management to use staff and monetary assets to their full potential. The Top 4 mitigation strategies, when implemented as a package, provide a large reduction of risk for a relatively small investment of time, effort, and money. ASD recommends implementing these Top 4 mitigation strategies first on workstations of users who are most likely to be targeted by cyber intrusions, and then on all workstations and servers across the organisation. As resources become available, ASD recommends selecting and implementing additional mitigation strategies from the remaining 31 on the list until an acceptable level of residual risk is achieved.
ASD notes that organisations should perform continuous monitoring and mitigation, using automated methods to regularly test and measure the effectiveness of the implemented mitigation strategies. As required, additional mitigation strategies should be implemented to further protect information, workstations, servers, and other critical assets.
Tenable Network Security’s® SecurityCenter Continuous View™ (SC CV™) provides an organisation with a proactive method of discovering cyber intrusions, so the organisation will not have to just rely on individual products reporting partial findings. SC CV provides the unique ability to correlate vulnerabilities, configuration audits, and event logs in a single location, enabling a proactive approach to continuous network monitoring.
The objective of this guide is to demonstrate to Tenable customers and prospective customers how SecurityCenter Continuous View can support and enhance their implementations of the ASD mitigation strategies.