Skip to content

When it comes to infiltrating government IT systems, cyber criminals continually evolve their tactics.

That’s why the Australian Cyber Security Centre (ACSC) revised its Essential Eight Maturity Model, including:

  • redefining maturity levels and what they represent, to counter the sophistication of cyber criminals’ tactics
  • moving to a stronger risk-based approach to implementation, to reflect circumstances where immediate or full implementation of the Essential Eight model might not be possible
  • recommending that mitigation strategies be implemented as a package.  This means organisations achieve a consistent maturity level across all strategies, before moving to the next level.

The updates draw on ACSC intelligence gained during the last year to ensure organisations have the latest advice on preventing cyber attacks.

VMIA’s Head of Statewide Risk, Samantha Zimmerman, said cyber risk is gathering pace, with criminals evolving faster than we can imagine: “ACSC has said it will continue to review and update its advice on a regular basis because of how fast things are evolving. We can’t sit still – we have to continue to adapt the way we manage cyber risk."

“The best way to make sure you’re on top of things is to implement the advice in the updated Essential Eight model and monitor and review your cyber risk maturity every year using VMIA’s benchmark tool."

For more information about the new Essential Eight Maturity Model visit the ACSC’s website.