Why Cythera partners with CrowdStrike to help customers achieve ACSC’s Essential Eight Level 1

09 Apr / 2024

Developed by the Australian Signals Directorate (ASD), the Essential 8 (E8) is a prioritised list of mitigation strategies designed to help Australian organisations protect their systems against a range of ever-increasing threats. Achieving maturity in the Essential Eight framework, however, presents challenges.

Leveraging best-in-class technology with our team of world-class engineers, Cythera helps organisations remain compliant across the E8, achieve level one maturity and ensure end-to-end protection from escalating cyber threats, securing valuable data and assets.

Achieving Essential Eight Maturity with Cythera and CrowdStrike

As a premier 24 x 7 x 365 Cybersecurity MSP, Cythera is committed to the unwavering protection of our clients' digital infrastructure. Our strategic engagement with technical partner CrowdStrike empowers us to enhance our service offerings in alignment with the Essential Eight framework, assisting our clients in reaching Level One maturity. 

Through this collaboration, our team of engineers implement, manage, and fine-tune a comprehensive array of security measures, each designed to address the unique facets of the E8 framework. 

Enhancing Patch Management with Cythera and CrowdStrike Falcon® Spotlight

The ACSC underscores the significance of patch management as a critical component in safeguarding systems from vulnerabilities. Effective patch management ensures that your applications and operating systems are updated promptly to defend against security threats.

Cythera's Approach: Cythera harnesses the power of CrowdStrike Falcon® Spotlight to conduct surveillance of your endpoints, ensuring continuous vigilance over applications and operating systems for software vulnerabilities. Our mission is to equip your organisation with in-depth vulnerability analyses, facilitating prompt and informed defences against potential security threats. By employing Falcon® Spotlight's vulnerability management technology, our engineers can swiftly pinpoint critical vulnerabilities that demand immediate attention, ensuring your software remains fortified with the latest security patches, significantly minimising the risk of cyber attacks.

Understanding the unique operational demands of each client, Cythera engages in a collaborative process to craft customised patch management strategies. This involves devising a prioritisation framework for patching efforts, with a particular focus on addressing the most critical vulnerabilities first. Our approach is not solely reactive; we proactively scan the horizon for future vulnerabilities, analysing trends and potential threat vectors. 

OS Patching Strategies with CrowdStrike Falcon® Spotlight

Patch management also requires that organisations regularly update operating systems with the latest patches to address security vulnerabilities. Keeping the OS updated is vital for protecting against various cyber threats.

Cythera’s Approach: Cythera employs CrowdStrike Falcon® Spotlight for comprehensive OS vulnerability assessments, prioritising fixes for critical exposures. Our engineers automate patch deployment, streamlining updates to close security gaps swiftly. Continuous monitoring ensures patches are effective and standards-compliant, maintaining robust OS security. We offer insights into the patching process through detailed reporting, highlighting our proactive measures to safeguard your digital infrastructure against evolving threats.

Securing Office Environments with CrowdStrike Falcon® Prevent

Teams should restrict the use of macros in Microsoft Office apps to those that are vetted and trusted. This is crucial as macros are often used to deliver and execute malware.

Cythera’s Approach: Employing CrowdStrike Falcon® Prevent, our engineers implement a monitoring system that scrutinises script-based executions across all MS Office applications. The objective is twofold: to allow the seamless operation of vetted and trusted macros that support business processes, while rigorously blocking those with malicious intent. This granular control is pivotal, ensuring that the usual flow of work remains uninterrupted by security protocols, yet impervious to the infiltration attempts of cyber threats.

Application Hardening with CrowdStrike Falcon® Prevent

Application Hardening involves configuring web browsers and applications to reduce the attack surface. Teams often look to disable unneeded features, block web ads, and configure strict settings to prevent exploit execution.

Cythera's Approach: Our engineers work with your team to configure the Falcon sensor to block unneeded and dangerous behaviours of applications through custom indicators of attack in Falcon Prevent. The ability to deploy rules to sensors on a per-group basis enables our team to employ robust testing methods to ensure business continuity.

This approach helps your organisation trim entry points to a minimum, enhance system security and meet E8 compliance requirements by ensuring applications are hardened against potential exploits.

Managing Administrative Privileges with CrowdStrike Falcon® ITD

Restricting admin privileges to users who truly need access to perform their roles minimises the risk of attackers gaining access to accounts that are privy to sensitive information.

Cythera's Approach: Cythera's engineers implement CrowdStrike Falcon® Identity Threat Detection (ITD) to establish a baseline of normal behaviour, enabling the detection of deviations that signify unauthorised access or misuse of privileges. Through real-time monitoring, anomaly detection, and tailored alerts, we ensure prompt action against potential security breaches. Automated response protocols facilitate immediate containment, while continuous refinement of ITD settings keeps the defence mechanisms agile. Comprehensive incident analysis and regular stakeholder reporting underline our commitment to transparency and ongoing improvement in administrative privilege security, securing sensitive information against unauthorised access effectively.

Multi-factor Authentication: Bolstering Access Control

Implementing multi-factor authentication (MFA), which requires a factor beyond just a password, is essential. This can include things like a physical token, a fingerprint, or a mobile app code, making unauthorised access much harder.

Cythera's Approach: Through the implementation of CrowdStrike Falcon® Identity Protection, Cythera integrates leading third-party Multi-factor Authentication (MFA) solutions to strengthen access control, applying customised settings for seamless security enhancement. Through continuous monitoring and user training, our approach not only maintains secure OS environments but also fortifies overall security posture with robust access control measures.

Ensure your organisation's resilience against advanced threats with our end-to-end cybersecurity solutions. Book a meeting with Cythera's experts today to customise your path to E8 maturity and safeguard your critical assets. 
