Every organisation has backups. Far fewer have actually tested whether they work under real conditions. The Essential 8 backup and recovery control isn't asking whether your backup jobs are completing. It's asking whether you could actually rebuild from them.
Living-off-the-land attacks use legitimate system tools to avoid detection. Restricting those tools without breaking legitimate operations is difficult, which is why most organisations skip this control entirely. Here's what a realistic hardening baseline actually looks like.
Macro-based phishing isn't the threat it was three years ago. Microsoft changed the defaults and attackers moved on. So why does the Essential 8 still include this control? Because a vendor default and a verified configuration are not the same thing, and the gap between them is where the residual risk lives.