The Australian Signals Directorate (ASD) has updated a number of its guides to implementing its ‘Top 4’ security strategies for mitigating targeted cyber intrusions.
According to the ASD, at least 85 per cent of the targeted cyber intrusions that it responds to could be prevented by the four strategies.
Those strategies are application whitelisting, application patching, OS patching, and the restriction of administration privileges based on user duties.
The ASD has released a suite of new or updated advice to accompany its main ‘top 4’ mitigation guides, including Microsoft Office Macro Security, Securing PowerShell in the Enterprise, Restricting Administrative Privileges, Implementing Application Whitelisting, and Restricting Administrative Privileges.
In addition, the ASD has released an updated guide on implementing the strategies in a Linux environment.
Alongside its signals intelligence role, the ASD is the central agency that provides information security advice to federal government departments and agencies. In 2014, the ASD responded to 37 per cent more government cyber security incidents than in 2013, according to the government
The ASD is the lead agency for the Australian Cyber Security Centre.
Priorities in the government’s national cyber security strategy included updating the ASD's 'Top 4' guides.
In addition, the strategy earmarked $1.3 million in additional funding for the ASD for a rolling program that will assess the cyber security of government agencies and $11 million to boost the ability to uncover security vulnerabilities in government systems.Read more: Our future cyber security industry
The funding will complement the $300m boost for Defence’s cyber capabilities announced earlier this year as part of the government’s Defence White Paper.
As part of the launch of the cyber security strategy, Prime Minister Malcolm Turnbull confirmed that the ASD had offensive cyber capabilities.