ASD prioritises list of mitigation strategies for cyber attacks.

Sophos can help.

The Australian Signals Directorate’s (ASD) guidance on the top 35 mitigation strategies addresses targeted cyber intrusions, ransomware and external adversaries with destructive intent, malicious insiders, 'business email compromise' and industrial control systems. The mitigation strategies are based on the Directorate’s analysis of targeted cyber intrusion incidents across the Australian Government.

Application Whitelisting

You need to allow only whitelisted and trusted applications into the system. With Server Lockdown in Server protection, allow only trusted applications and associated files to run. The exploit prevention capabilities in Sophos Intercept X prevent vulnerabilities in applications and operating systems from being exploited. Plus, restrict unauthorized applications with application control policies in Endpoint Protection.

Restrict Administrative Privileges

Restricting administrative privileges is one of the most effective mitigation strategies in ensuring system security. XG Firewall, SafeGuard Encryption, Sophos Central, and Sophos Mobile all offer role-based administration to separate authorization levels by job function.

Multi-factor Authentication

Protect privileged and administrator accounts with advanced two-factor authentication in Sophos Central. Authenticate users for access to specific files/folders with the use of user- or group-specific keys with SafeGuard encryption. XG Firewall facilitates two-factor authentication for VPN connections.

Check out our Compliance Card to know how Sophos can support your efforts to comply with the mitigation strategies. Plus, you can get a no-obligation quote.

Try For Free

ASD Top 35 Mitigation Strategies : A Refresher

First published in 2010, an updated version of the mitigation strategies was published in February 2017. Initially aimed at government organizations, the strategies contained are equally valuable for commercial organizations seeking to protect their networks and users.

What are you waiting for?

Let our experts at Sophos help to build the right solution for your needs.

This is not an exhaustive review of all elements of the Regulation, nor is it legal advice. Please consult your own legal experts if required.