Bridging the Cybersecurity Gap: Essential Eight for SMEs

It is hard to believe that it has been almost seven years since the Australian Signals Directorate’s Essential Eight was published. Establishing mitigation strategies for patching applications and operating systems, multi-factor authentication, restricting administration privileges, application control, restricting macros, hardening user applications and back-ups, the Essential Eight is a great foundation set of controls that organisations should have in place.

Mercury IT had seen adoption of the Essential Eight progressing at only a modest pace amongst its clients. However, following the high-profile, impact breaches — Optus, Medibank and DP World — demand to implement the Essential Eight controls has significantly increased for both new and existing clients.

?In 2017, implementing the Essential Eight was a colossal task.

Today, the tools available to assist with its application are legion. However, many of the required tools — such as a Security Information and Event Management (SIEM) platform and Application Control — are enterprise-grade products with an associated price tag. This is not to mention the generally unpalatable cost of operating an eyes-on-glass, 24-hour/seven-day security operations centre (SECOPS). The major problem is that while many of the effective tools are enterprise-grade, the malicious threat actors don’t limit their attacks to the big end of town. In fact, small to medium-sized enterprises (SMEs) can make far better targets as their cybersecurity environment is generally not as robust.

SME enterprise-grade protection with an affordable price tag.

This is why Mercury IT has worked for over five years to make scalable enterprise-grade cybersecurity solutions accessible to SMEs. The Mercury IT set of cybersecurity products includes eXtended Detection and Response (XDR), URL filtering, Darkweb monitoring, SIEM, patch management, SECOPS and Application Control. By using economies of scale, Mercury IT has been able to build out a cybersecurity offering that provides enterprise-grade protections at SME prices. Enabling SME customers to benefit from enterprise-grade protection has been a game changer.

Mercury IT’s cybersecurity expertise has brought Essential Eight compliance within reach of every organisation, regardless of their size.

As the threat landscape continues to provide increasing challenges for both organisations and cybersecurity professionals alike, it’s more important than ever to implement the Essential Eight to minimise the likelihood of a breach.

If you would like to learn more about cybersecurity for your business, contact us for a complimentary consultation.