Readers will recall from an article Holman Webb published back in 2018 that the Australian Cybersecurity Centre recommended eight best-practice mitigation strategies (the 'Essential Eight') that organisations should implement as a baseline defence against targeted cyber intrusions, ransomware and malicious insiders.
These strategies may seem relatively straightforward to those working within the IT industry, but the failure of organisations to implement the strategies (including government instrumentalities) has moved the Australian government to consider mandating the implementation of the Essential Eight controls, and requiring all public service entities to implement them forthwith.