Achieving advanced cyber security

How to plan for and implement a road map to advanced-level protection from cyber attacks.
Achieving advanced level cyber security

Achieving advanced-level cyber security is an aspirational target for most organisations. But any organisation that has achieved intermediate-level cyber security protection should aspire to go further down the risk minimization path. Advanced cyber security protection is achieved when your organisation is at Maturity Level 3 when measured against all Essential 8 mitigation controls.

In broad terms, advanced cyber security protection can be broken down into four main areas:

Information classification & security

  • Independent assessment for compliance against an information security standard like ISO27001

User device management

  • Intermediate-level protections (appropriate firewall and antivirus protection, secure device encryption and password protection, remote data-wiping ability)
  • Capacity to block non-compliant user devices from connecting to organizational information stores

Network threat detection & alerting

  • Installing a contemporary Security Information and Event Management (SIEM) system to collect and analyse security information from all devices and accounts, identifying risks and required actions

Policies, user education & compliance

  • Staff consider security as one of their key responsibilities and actively consider how to keep sensitive data safe
  • Bi-annual compliance testing identifies potential security risks

Engaging, effective security education reinforced regularly and available on demand.

Rate this guide

Average: 4 (2 votes)

Status message

Thanks for rating this guide.

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.