Research in Australia and overseas suggests that most cyber breaches can either be prevented or the impact of any attack can be significantly limited by a range of low cost and easy to implement measures. These include the following:
- Username and password standards should be sophisticated.
- Administrative and privileged access should be controlled.
- Undesirable applications should removed.
- Automated patching tools and processes should be used.
- Data should be backed up regularly.
- Access to mobile devices should require authentication and data should be encrypted.
- Anti virus software and filters should be used.
Research released by the Australian Defence Signals Directorate (DSD) indicates that at least 85% of the cyber intrusions that the DSD has responded to would have been mitigated had organisations implemented the above strategies.