

Essential 8 Framework
Simplifying the Cybersecurity Roadmap
By understanding the framework below, organisations can implement security measures to prevent or detect attacks and protect their data.


Maturity Level Zero
Extensive weaknesses in your organisation's cybersecurity defences.
If these weaknesses are exploited, it could result in the compromise of data confidentiality, system integrity, and data availability.
Level Zero Framework

Lack of strong password policies

Missing security patches and updates

Inadequate network segmentation

Absence of regular data backups

Poor user access controls

Lack of employee awareness and training
Maturity Level One
Mitigating commonly available techniques used to gain unauthorised access and control over systems.
Adversaries exploit security vulnerabilities in internet-facing services or use stolen or guessed credentials to gain access.

Level One Framework

Exploiting known software vulnerabilities

Password attacks using stolen or reused credentials obtained from previous data breaches or leaks

Phishing emails that trick individuals into revealing sensitive information or clicking on malicious links

Using tools to distribute malicious software, such as trojans, ransomware, or keyloggers, to gain access or control over systems

Brute force attacks that use automated tools to try different password combinations until they find the correct one

Maturity Level Two
Shielding against attacks that take more time and effort to bypass advanced security controls.
Specific individuals are targeted with phishing techniques or other social engineering to circumvent weak multi-factor authentication.
Level Two Framework

Advanced phishing campaigns that bypass email security filters, tricking users into downloading malicious attachments

Exploiting weaknesses in security controls, such as vulnerabilities in firewalls, intrusion detection, or other security mechanisms

Evading multi-factor authentication by intercepting authentication codes or tricking users into providing them

Targeted credential theft

Persistent surveillance and reconnaissance
Maturity Level Three
Combatting adversaries who are highly adaptive and less reliant on public tools and techniques.
These adversaries are quick to utilize newly discovered exploits and employ sophisticated tradecraft to achieve their objectives.

Level Three Framework

Exploiting outdated software

Exploiting organisations with weak or insufficient logging and monitoring practices, making it easier to remain undetected

Manipulating users into unknowingly assisting in bypassing security controls or revealing sensitive information

Discovering vulnerabilities before patches are available (zero-day exploits) to gain unauthorised access and avoid detection

Obtaining privileged credentials to escalate privileges, allowing lateral movement across networks and access to critical systems and data