ASD Back with 2014 Top 35 Mitigations

Last week the Australian Signals Directorate (ASD), formerly Defence Signals Directorate (DSD), published the 2014 version of their top 35 mitigations. I’ve always liked this list as a place to start, especially the top 4 (unchanged from last year). Theoretically, implementing only the top 4 mitigations (application whitelisting, application patching, OS patching, and admin privilege restriction in this year’s edition) could cut out “at least 85% of the cyber intrusions that ASD responds to” for adversaries “using unsophisticated techniques.”

(Note: As part of a campaign to bring forward some of our older posts that we feel still benefit the community, we’ve added this article to our Best Of category that will periodically get tweeted out. Please mention it to me on Twitter or contact us if there are any other posts you feel we should include in this category. This post was previously categorized under News. grecs)

via TechRepublic.com

The Australian Signals Directorate (ASD) has re-ranked its Strategies to Mitigate Targeted Cyber Intrusions (PDF) document for 2014, with the top four strategies remaining identical to the 2012 version of the document.

In order, the top four strategies remained as: Application whitelisting; updating to the latest version of applications within two days of release; applying operating system patches within two days; and restricting admin privileges based on user duties, recommending that users with administration privileges use a separate unprivileged account for email and web browsing.

Rising up the rankings were strategies for disabling the running of internet-based Java code, untrusted Microsoft Office macros, and undesired web browser and PDF viewer features; usage of operating system level features, such as address-space randomisation and Microsoft’s free Enhanced Mitigation Experience Toolkit; and behavioural analysis from internet and email filtering, which the agency says should be “run in a sandbox to detect suspicious behaviour, including network traffic, new or modified files, or configuration changes”.

Continued here.

#####

Today’s post pic is from Wikipedia.org.
