![Essential Eight steps to outwit cybercriminals teaser]()
Date published 12 Jul 2022
By Marquis Pohla, Managing Director at Metrix Consulting
It’s no use having Fort-Knox-style security if you leave the password on a sticky note.
This simple analogy sums up the intention behind the Essential Eight (not to be confused with The Hateful Eight, although you could argue some similarities between Tarantino’s lawless bounty hunters and the loathsome villains behind cybercrime).
A Federal Government initiative, the Essential Eight lays out a series of voluntary measures designed to protect data from falling into the wrong hands. Data, after all, is a sought-after commodity and easy to exploit. Sold. Held to ransom. Leaked. Compromised. Erased forever. The result? Business disruption and reputational damage no company wants to face.
Sadly, the potential for attack is greater than ever. The world has a bigger digital footprint since the onset of the pandemic, with more people working, shopping, sharing and communicating online than ever before.
Cyber attackers think nothing of sitting and watching for months at a time; patiently studying online behaviours and spotting trends, ready to intercept. To wreak havoc. It stands to reason that cybersecurity is not something that can be ignored, left to chance or skimped on.
At Metrix Consulting, we have invested in our systems and processes to achieve Essential Eight compliance. Operating in an industry which has access to copious amounts of commercially sensitive information day in, day out, going that extra mile provides essential peace of mind for both our business and our clients.
What are the Essential Eight and how are they used?
As the name implies, the Essential Eight provides a set of eight mitigation strategies that direct how data and sensitive information is stored and handled.
Specific solutions differ from one business to the next, but encompass elements such as multi-factor identification, secure transfer software, administrative privileges, macro settings, application control and regular back-ups. The implementation of Essential Eight is supported by the Essential Eight Maturity Model, which provides advice for how to progressively achieve different levels of maturity (Maturity Level Zero through to Maturity Level Three) for each of the eight mitigation strategies.
At Metrix, the implementation of Essential Eight is part of a holistic approach to information security, privacy and data management, in response to the ever more stringent legal responsibilities and what we expect will be a new standard for our industry. Working with our cybersecurity experts, we are continually reviewing and refining our processes and conducting training as part of our regular data security audits. This includes simulated cyber-attacks to test our own systems and people.
What are the benefits of Essential Eight?
Richer insights. A high level of data security sets us up to be able to integrate client data into our analysis. This opens the door for richer insights to inform our clients’ decision making.
More Opportunities. The growing distrust of the internet in general can make people more reluctant to take part in research. Offering tangible examples of how their personal details will be protected – combined with specific context around the research – can provide the reassurance they need to participate.
Increased Confidence. Many companies are already highly sensitive to cybersecurity and demand the high level of reassurance that Essential Eight compliance can help provide, knowing data protection is ingrained in everything their partner does.
Education. For business’ that don’t currently have data protection top of mind, it can be a welcome relief to deal with market experts who are benchmarking data security standards and can explain the how and why.
Business leaders want to be able to sleep at night knowing the company they have entrusted their data to has taken all possible steps to protect that data. So next time you’re commissioning a piece of market research or data analytics, be sure to ask: What steps will you take to make sure my data stays safe?
Back To News & Views