Professional Documents
Culture Documents
To help mitigate cyber security risks the Security Scorecard is a powerful Report on the cyber security posture within your monitored environment Time Period: 1 Jan 2019 18.35 – 25 Jun 2019 16.35
Maturity
Level 1
Partly aligned with intent
of mitigation strategy
of the eight controls.
Maturity Mostly aligned with intent
Defined assets, policies and organisational units combine with the flow Level 2 of mitigation strategy
Running in enforcement mode. Patches for extreme risk security Only Microsoft Office macros in Web browsers are hardened
An approved whitelisting method vulnerabilities in Adobe Flash, web appropriately configured trusted using vendor hardening guides.
covering executables, software browsers, Microsoft Office, Oracle locations can execute. Adobe Flash uninstalled and both
libraries, scripts and installers. Java and PDF viewers are applied web advertisements and Java
and verified within 48 hours for all from the Internet blocked.
workstations.
Patch Operating TOP Restrict administrative TOP Daily backup of data & Multi-factor
Systems 4 privileges 4 systems availability authentication
Strategy
configured by enterprise software and change management tools, these
Users
Patching applications
✓
–
–
?
–
✓
linked to activity monitoring to detect inappropriate useage of software
which may introduct risk into the environment. In addition, site specific
implementation of interfaces to multi-factor authentication inherently
involve the activity of users within that environment.
Disable untrusted Microsoft Office macros ✗ ? ?
APPLICATIONS
www.huntsmansecurity.com/products/essential-8-security-scorecard/ User application hardening – ? ✓ Determination of the authorised nature of software in teh environment
is derived from policy extracted from the site and its enterprise software
Multi-factor authentication ✗ ✗ ✗ and change management tools. Monitoring for violations of policy
is achieved through monitoring of systems on which unauthorised
Daily backup of important data ✓ – ✓
applications may be launched.
Page 1 of 9
COMMERCIAL IN CONFIDENCE © 2019 Tier-3 Pty Ltd, All rights reserved
Product Essential 8 Scorecard
Information Measuring your Cyber Security Posture
Application
Whitelisting <Insert Company Name>
Each of the controls is reported in detail on a weekly basis and is Mitigation strategy to prevent malware from running Time Period: 14 Mar 2018 14:10 - 21 Mar 2018 14:10
automatically compared to the previous week so you can see if Only authorised applications and code should be allowed to execute.
your security posture is going in the right direction. The controls provides a greater defence against new malicious code which may not yet be
detected by gateway and end-point scanning technologies. A whitelist-based
approach to application/executable security also has the benefit of
restricting users from running unauthorised or unlicensed software in the Maturity
executables, software libraries, scripts and
installers
Controls to mitigate against cyber threats:
changes to the whitelisting policies themselves to prevent circumvention of
policy by privileged users.
• Application Whitelisting – running in enforcement mode What does the control cover?
Ensure that application software has had all relevant vendor-supplied
Maturity
Applocker detects the running of an unauthorised program
N/A
71
0
2,826
0
47
0
Level 3 in AdobeApplocker
Flash, webGroup
browsers,
PolicyMicrosoft
Deleted*Office, N/A 0 0 0
Malicious software often gains access and propagates through the use of
in Adobe Flash, web browsers etc. How does Huntsman Security’s Executive Cyber Scorecard achieve Level 3 in web server software, other server
the goal of this control? (Servers) applications that store important (sensitive or
high-availability) data, and all other internet-
For this control, the software monitors for inconsistencies between the
accessible server applications, are applied and
patch state of installed applications and the published list of security-critical
verified within 48 hours.
patches defined by the security administrator.
Controls to limit the extent of incidents and
deviations by endpoints, compared to 47 in the previous
Number of times Applocker blocks an executable from reporting period.Overall, the indicative score for the current
1,535
running period (64.1%) is the same as the previous period (64.1%).
recover data:
Page 2 of 9
COMMERCIAL IN CONFIDENCE
© 2018 Tier-3 Pty Ltd, All rights reserved
Total !"#$%&!'(
The current "Patch applications" control is indicated as being
Number of Monitored Endpoints
)!*+,!"&%!"',
generally effective.In the current reporting period, the
• Multi-factor authentication – for users performing controls account. Users also often use the same password for multiple services or
applications, which can result in significant damage. By enforcing the use of
multiple factors, knowledge of just a password does not give an attacker
access.
In addition to passphrases, only additional
authentication methods from the following list
are used: U2F security keys, physical OTP
tokens, biometrics and/or smartcards.
improves likelihood of an increases your ability to terms. How does Huntsman Security’s Executive Cyber Scorecard achieve
the goal of this control?
For this control, the software monitors the organisation’s particular multi-
factor authentication technology. The software matches authentication
events against defined lists of privileged users to ensure that they are
enabled with multi-factor authentication.
Implementation of these eight controls improves cyber Multi-Factor Authentication Control Login <= 30 days
Control Failures
49
APPLICATION TOP PATCH TOP PATCH OPERATING TOP RESTRICT ADMIN TOP
WHITELISTING 4 APPLICATIONS 4 SYSTEMS 4 PRIVILEGES 4
Alerts 1hr 24hr Alerts 1hr 24hr Alerts 1hr 24hr Alerts 1hr 24hr
Status Dashboard
Medium
Low
0
0
0
1
Medium
Low
0
0
0
0
Medium
Low
0
0
4
1
Medium
Low
0
0
0