At least 85% of the targeted cyber intrusions that the Defence Signals Directorate (DSD) responded to in 2010 could have been prevented by following the first four mitigation strategies listed in our Top 35 Mitigation Strategies:
- Patch applications such as PDF readers, Microsoft Office, Java, Flash Player and web browsers.
- Patch operating system vulnerabilities.
- Minimise the number of users with administrative privileges.
- Use application whitelisting to help prevent malicious software and other unapproved programs from running.

The Top 35 Mitigation Strategies are ranked in order of overall effectiveness. Rankings are based on DSD’s analysis of reported security incidents and vulnerabilities detected by DSD in testing the security of Australian Government networks.