Contact Us
Solutions

Essential 8: Maturity Level One

Maturity Level One: Defending Against Basic, Opportunistic Threats

Schedule a Consultation

At Maturity Level One, the focus is on protecting against malicious actors who use widely available, low-sophistication tools and techniques to compromise systems. These attackers typically do not target specific organisations. Instead, they opportunistically scan for common vulnerabilities across many networks, looking for easy entry points.

For example, an attacker might:

  • Exploit an unpatched vulnerability in a publicly exposed system
  • Use stolen, reused, brute-forced, or easily guessed credentials to gain access
  • Trick users into launching malicious applications through basic social engineering tactics

These actors are primarily interested in any vulnerable system, not necessarily yours. If they manage to compromise a user account with elevated privileges, they may use it to gain broader control or cause further damage. Depending on their motives, they might even delete or corrupt data—including backups.

What This Means for You

To reach and maintain Maturity Level One, organisations should:

  • Address common vulnerabilities (especially through patching)
  • Reduce the effectiveness of stolen credentials (e.g., by using MFA)
  • Educate users to recognise basic phishing or social engineering attempts
  • Limit administrative privileges where possible
  • Ensure that backup systems are secure and not easily accessible to attackers

Mitigation Strategies to Prevent Malware Delivery and Execution

Our approach to cybersecurity follows industry best practices to minimize risks, strengthen defenses, and ensure resilience. The key strategies include:

Patch Applications & Operating Systems

Regular vulnerability scanning and timely application of patches to keep systems up to date and secure. Unsupported applications and operating systems are removed or replaced.

Multi-Factor Authentication (MFA)

MFA is enforced across critical systems, online services, and customer portals to protect sensitive data and prevent unauthorized access.

Restrict Administrative Privileges

Privileged access is strictly controlled, with dedicated accounts, restricted internet use, and separation of environments to reduce exploitation risks.

Application Control

Only approved applications are allowed to run, reducing the risk of malicious or unauthorized software execution.

Restrict Microsoft Office Macros

Macros are disabled by default and strictly controlled to prevent malware delivered through documents.

User Application Hardening

Web browsers and applications are configured to block insecure content such as Java, ads, and unsupported plugins.

Regular Backups

Critical data, applications, and settings are securely backed up, tested, and protected against unauthorized access to ensure business continuity.

Next Steps

Our Maturity Level One Assessment provides a clear starting point—helping your organisation identify quick wins, reduce exposure to common threats, and build a stronger cybersecurity foundation.

Contact us

Partner with Us for Comprehensive IT

We’re happy to answer any questions you may have and help you determine which of our services best fit your needs.

Call us at:
Your benefits:
  • Client-oriented
  • Independent
  • Competent
  • Results-driven
  • Problem-solving
  • Transparent
What happens next?
1

We Schedule a call at your convenience 

2

We do a discovery and consulting meting 

3

We prepare a proposal 

Schedule a Consultation

Seventh Ave, 20th Floor New York, NY 10018 

T: 1-800-356-8933
E: office@tecnologia.com

LinkedIn

Github

Twitter

Facebook

Youtube

© 2025 VamTam. All rights reserved.