Reaching Essential Eight maturity on AWS: Security and compliance for Australian organizations - AWS Prescriptive Guidance

Reaching Essential Eight maturity on AWS: Security and compliance for Australian organizations

Amazon Web Services (contributors)

November 2024 (document history)

The Australian Signals Directorate (ASD) has created and prioritised strategies to help organizations mitigate the risks of cybersecurity threats. Eight of these strategies were chosen to form the Essential Eight framework. Many public and private sector organisations in Australia are required to reach maturity under the Essential Eight framework.

The Australian Cyber Security Centre (ACSC) created the Essential Eight framework to help protect Microsoft-based internet-connected networks. However, many organizations are required to reach Essential Eight maturity for all of their environments, both on-premises and in the cloud.

The Essential Eight framework also includes a maturity model designed to help organizations implement the framework through progressive iteration. The model outlines maturity levels zero through three. Maturity level three represents resilience against advanced cybersecurity tactics and highly targeted attacks. This guide provides specific, opinionated guidance to help you achieve Essential Eight maturity level three on AWS.