ASD prioritises list of mitigation strategies for cyber attacks.

Sophos can help.

ASD Compliance CardContact Us

The Australian Signals Directorate’s (ASD) guidance on the top 35 mitigation strategies addresses targeted cyber intrusions, ransomware and external adversaries with destructive intent, malicious insiders, 'business email compromise' and industrial control systems. The mitigation strategies are based on the Directorate’s analysis of targeted cyber intrusion incidents across the Australian Government.

Application Whitelisting

You need to allow only whitelisted and trusted applications into the system. With Server Lockdown in Server protection, allow only trusted applications and associated files to run. The exploit prevention capabilities in Sophos Intercept X prevent vulnerabilities in applications and operating systems from being exploited. Plus, restrict unauthorized applications with application control policies in Endpoint Protection.

Restrict Administrative Privileges

Restricting administrative privileges is one of the most effective mitigation strategies in ensuring system security. XG Firewall, SafeGuard Encryption, Sophos Central, and Sophos Mobile all offer role-based administration to separate authorization levels by job function.

Multi-factor Authentication

Protect privileged and administrator accounts with advanced two-factor authentication in Sophos Central. Authenticate users for access to specific files/folders with the use of user- or group-specific keys with SafeGuard encryption. XG Firewall facilitates two-factor authentication for VPN connections.

Check out our Compliance Card to know how Sophos can support your efforts to comply with the mitigation strategies. Plus, you can get a no-obligation quote.

Try For Free

Sophos Central
Free Trial

Intercept X
Free Trial

SafeGuard Encryption
Free Trial

Sophos Mobile
Free Trial

ASD Top 35 Mitigation Strategies : A Refresher

First published in 2010, an updated version of the mitigation strategies was published in February 2017. Initially aimed at government organizations, the strategies contained are equally valuable for commercial organizations seeking to protect their networks and users.

Qu'attendez-vous ?

Nos experts Sophos sont là pour vous aider à choisir la solution adaptée à vos besoins.

Contactez-nous

Il ne s'agit pas d'un examen exhaustif de tous les éléments du Règlement, ni d'un avis juridique. Veuillez consulter un expert en cas de besoin.