The Essential Eight is an initiative of the Australian Cyber Security Centre (ACSC), part of the Australian Signals Directorate (ASD), and and is a set of prioritised strategies designed to help organisations mitigate cybersecurity incidents caused by various cyber threats. These strategies are designed to help prevent threats such as cyber intrusions, ransomware, malicious insiders, email and phishing scams and various other cyber attacks. The Essential Eight were developed based on the ASD’s own experience in responding to cybersecurity incidents and performing vulnerability testing for Australian government agencies.

The Essential Eight guidelines and strategies can be applied by organisations of any size and industry to enhance their cybersecurity posture and improve their capability to defend against cyber threats. The Essential Eight Maturity Model, first published in 2017, defines four levels of cybersecurity maturity which organisations can look to achieve based on what sort of information assets they are trying to protect, and the type of adversaries they may be targeted by. Prior to implementing Essential Eight strategies, organisations should first identify their information assets and perform a risk assessment to determine the appropriate level of protection required. The four maturity levels are explained below:

Maturity Level Zero

Maturity Level One

Maturity Level Two

Maturity Level Three

We can evaluate your Essential Eight Maturity Level and provide strategies to achieve E8 Compliance