Contact Us
Solutions

Essential 8: Maturity Level One

Maturity Level One: Defending Against Basic, Opportunistic Threats

Schedule a Consultation

At Maturity Level One, the focus is on protecting against malicious actors who use widely available, low-sophistication tools and techniques to compromise systems. These attackers typically do not target specific organisations. Instead, they opportunistically scan for common vulnerabilities across many networks, looking for easy entry points.

For example, an attacker might:

  • Exploit an unpatched vulnerability in a publicly exposed system
  • Use stolen, reused, brute-forced, or easily guessed credentials to gain access
  • Trick users into launching malicious applications through basic social engineering tactics

These actors are primarily interested in any vulnerable system, not necessarily yours. If they manage to compromise a user account with elevated privileges, they may use it to gain broader control or cause further damage. Depending on their motives, they might even delete or corrupt data—including backups.

What This Means for You​

To reach and maintain Maturity Level One, organisations should:

Address common vulnerabilities (especially through patching)

Reduce the effectiveness of stolen credentials (e.g., by using MFA)

Educate users to recognise basic phishing or social engineering attempts

Limit administrative privileges where possible

Ensure that backup systems are secure and not easily accessible to attackers

Mitigation Strategies to Prevent Malware Delivery and Execution

Our approach to cybersecurity follows industry best practices to minimize risks, strengthen defenses, and ensure resilience. The key strategies include:

Patch Applications & Operating Systems

Regular vulnerability scanning and timely application of patches to keep systems up to date and secure. Unsupported applications and operating systems are removed or replaced.

Multifactor Authentication

MFA is enforced on critical systems, online services, and customer portals to protect sensitive data and prevent unauthorized access. With Thales SafeNet Trusted Access, organizations can secure accounts with strong, flexible authentication.

Administrative Priviledge

Admin rights are restricted to only those who need them, lowering the risk of attackers gaining full control through compromised accounts. With Delinea Privilege Manager, organizations can enforce least privilege and manage elevated access securely.

Application Whitelisting

Only approved applications are allowed to run, reducing the risk of malicious or unauthorized software execution. With Airlock Digital, organizations can apply effective allowlisting to enforce this control.

Restrict Microsoft Office Macros

Macros are disabled by default and strictly controlled to prevent malware delivered through documents.

User Application Hardening

Web browsers and applications are configured to block insecure content such as Java, ads, and unsupported plugins.

Regular
Backups

Important data and configurations are backed up frequently, with copies securely stored offline for recovery after incidents such as ransomware. With Veeam Backup, organizations gain reliable, secure, and fast recovery to maintain business continuity.

Next Steps

Our Maturity Level One Assessment provides a clear starting point—helping your organisation identify quick wins, reduce exposure to common threats, and build a stronger cybersecurity foundation.

Contact us

Partner with Us for Comprehensive IT

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Call us at:
Your benefits:
  • Client-oriented
  • Independent
  • Competent
  • Results-driven
  • Problem-solving
  • Transparent
What happens next?
1

We Schedule a call at your convenience 

2

We do a discovery and consulting meting 

3

We prepare a proposal 

Schedule a Consultation