The Australian Signals Directorate (ASD) has re-ranked its Strategies to Mitigate Targeted Cyber Intrusions document for 2014, with the top four strategies remaining identical to those in the 2012 version of the document.
In order, the top four strategies remain: application whitelisting; updating to the latest version of applications within two days of release; applying operating system patches within two days; and restricting admin privileges based on user duties, with the recommendation that users with administration privileges use a separate unprivileged account for email and web browsing.
Rising up the rankings were strategies for disabling the running of internet-based Java code, untrusted Microsoft Office macros, and undesired web browser and PDF viewer features; usage of operating system level features, such as address-space randomisation and Microsoft’s free Enhanced Mitigation Experience Toolkit; and behavioural analysis from internet and email filtering, which the agency says should be "run in a sandbox to detect suspicious behaviour, including network traffic, new or modified files, or configuration changes".
Dropping down the list were: User education, down to 28th out of 35 strategies, with ASD citing an increase in intrusions using techniques that an educated user would not detect; signature-based antivirus software, which the ASD said is less effective than heuristic-based antivirus; and multi-factor authentication.
ASD maintains that adopting only the top four strategies will mitigate 85 percent of intrusions, and suggests that organisations start rolling out the top four on the workstations of the users likely to be targeted, before extending the rollout to all workstations and servers. Once that rollout is completed, it is suggested that organisations cherry-pick additional strategies to implement until "an acceptable level of residual risk is achieved".
The agency creates its list by analysing security incidents from across the Australian government.