Unlocking Cyber Resilience: A Guide for Small Businesses by ACSC

Cybersecurity incidents are significant threats to any organization, regardless of size or industry. Small businesses face an average cost of over $39,000 per cybersecurity incident, making it imperative for organizations to prioritize their cybersecurity investments. Acknowledging the growing prevalence of cloud computing, the Australian Cyber Security Centre (ACSC) has developed the Small Business Cloud Security Guides. These guides are tailored to offer protection against cyber incidents while remaining accessible to organizations lacking the necessary resources and expertise to implement more complex security strategies.

The need to invest in cybersecurity has become more crucial than ever, given the increasingly sophisticated tactics employed by cyber criminals and state-sponsored actors targeting Australian organizations. The ACSC confronts attacks against Australian entities daily, with the most significant threats involving ransomware, exploitation of security vulnerabilities, software supply chain compromises, and business email compromise. Relying on the latest technology alone is insufficient; a shift in cybersecurity mindset is essential. Neglecting to invest in your organization’s cybersecurity could lead to costly attacks, operational disruptions, data loss, reputational harm, legal liabilities, and more. Implementing the Small Business Cloud Security Guides can bolster your organization’s defences and significantly reduce the chances of cyber incidents impacting your Microsoft 365 capabilities.

How to Utilize the Guides

The Small Business Cloud Security Guides from the ACSC offer a series of technical examples that align with the strategies of the Essential Eight. It is important to note that these guides are not intended for organizations seeking to achieve a specific Essential Eight maturity level. Instead, they are designed to provide a straightforward approach for organizations to enhance their cyber security and protect against potential cyber threats. As a reference, these guides can serve as a valuable resource, and organizations are encouraged to adapt the advice to suit their unique requirements.

All organizations must implement cyber security mitigation strategies aligning with their risk profile and risk appetite. The Small Business Cloud Security Guides are an excellent starting point, especially for small and medium-sized Australian organizations operating within a Microsoft 365 software-as-a-service environment and utilizing devices configured with Microsoft Intune. These guides can significantly improve their cyber security posture, ensuring a more secure digital environment.

Resourcing Considerations

Safeguarding your organization from cyber incidents requires an investment of both financial and human resources, which all organizations should prioritize. It is crucial to recognize that investing in preventive measures is typically far more cost-effective than dealing with the effects of a cyber security incident.

To effectively implement and maintain the recommendations from the Small Business Cloud Security Guides, your staff or IT-managed service provider will need to allocate resources. While the ACSC has tried to incorporate low-cost or free solutions in this guide, some security configuration options may not be accessible in entry-level Microsoft 365 subscriptions. Organizations will require a Microsoft 365 Business Premium subscription to follow this guide thoroughly. Employees who need administrator roles will also need an Azure Active Directory Premium P2 subscription. By making these necessary investments, organizations can significantly bolster their cyber security posture and proactively protect their digital assets.

The Eight Mitigation Strategies

The Small Business Cloud Security Guides are founded on the principles of the Essential Eight – a set of eight mitigation strategies determined by the ACSC to be crucial in safeguarding against cyber threats. These strategies were carefully chosen as the most effective and highest-priority measures from the ACSC’s comprehensive “Strategies to Mitigate Cyber Security Incidents” framework. Drawing from their wealth of experience in generating cyber threat intelligence, responding to cybersecurity attacks, and conducting penetration testing, the ACSC has developed and recommended these strategies.

Mitigation strategies, their benefits and the impost on the organisation
Benefit categories: Protect against malware; Limit the extent of cyber incidents; Recover from a cyber incident

Application control
    Benefit: Mitigating the risk of executing malicious programs
    Impost on organisation: Users are restricted to installing applications verified as secure by Microsoft’s Intelligent Security Graph.

Patch applications
    Benefit: Addresses application security vulnerabilities and patch management
    Impost on organisation: To ensure application security, IT administrators must diligently manage regular patching. Relying on unsupported applications could lead to potential security risks, requiring the organization to consider investing in upgrades or exploring secure alternatives.

Configure Microsoft Office macro settings
    Benefit: Mitigates the risk of malicious macros
    Impost on organisation: To reduce the risk of running malicious macros, users are restricted from executing them unless they demonstrate a valid business requirement. IT administrators are crucial in managing macro permissions to maintain a secure environment.

User application hardening
    Benefit: Enhances security by restricting insecure application functionality
    Impost on organisation: To bolster security, IT administrators are responsible for configuring application settings. Users are not permitted to utilize application functions considered insecure, ensuring a safer computing environment.

Restrict administrative privileges
    Benefit: Mitigates the risk of compromised accounts with special privileges
    Impost on organisation: To minimize the risk of compromised or inappropriate use of accounts with special privileges, users must seek approval before temporarily activating administrator roles when necessary. IT administrators are responsible for managing the activation of administrator roles. Additionally, administrators are restricted from performing higher-risk actions while logged into their administrator accounts. A limited number of Azure Active Directory Premium P2 licenses are required to implement these measures effectively.

Patch operating systems
    Benefit: Addresses operating system security vulnerabilities and patch management
    Impost on organisation: To ensure the operating system’s security, IT administrators must diligently manage regular patching. If the organization relies on unsupported operating systems, investing in upgrades or exploring secure alternatives to maintain a robust and protected IT environment may become necessary.

Multi-factor authentication
    Benefit: Enhances security by preventing unauthorized access
    Impost on organisation: To stop unauthorized access to systems and accounts, users must provide at least two factors of authentication when specific conditions are met. This multi-factor authentication approach strengthens the overall security posture, ensuring that only authorized users can access sensitive resources and data.

Regular backups
    Benefit: Facilitates data and settings restoration following incidents
    Impost on organisation: To ensure data protection, IT administrators are responsible for managing regular backups. The organization can consider purchasing a commercial backup solution for reliability and comprehensive data recovery capabilities.

Do you have questions about how your small business can benefit from these cloud security guides? Qamba has IT professionals who have years of experience keeping businesses safe from cybersecurity attacks. Don’t hesitate to send us a message.
