The ACSC Essential 8 is a cybersecurity mitigation framework developed by the Australian Cyber Security Centre (ACSC) to help organisations protect themselves against the most common cyber threats. It outlines eight key security controls designed to prevent attacks such as ransomware, malware infections, and unauthorised system access. The Essential 8 includes measures like application control, patching applications and operating systems, configuring Microsoft Office macros securely, restricting administrative privileges, implementing multi-factor authentication, and maintaining regular data backups. In Australia, the ACSC Essential 8 is widely adopted by government agencies, critical infrastructure operators, and private sector organisations seeking to strengthen cyber resilience. The framework also includes a maturity model that helps organisations assess and progressively improve their cybersecurity posture, providing a practical pathway toward stronger governance, compliance, and risk management aligned with Australia’s national cybersecurity guidance.