CYBER SECURITY

Doing business online should be safe. To help protect companies against cyber threats, the UK, has established the Cyber Essentials scheme. The Cyber Essentials scheme is a framework devised by the UK Government that contains a set of universal security standards Operated by the National Cyber Security Centre the scheme encourages good practice in information security. No matter what the size of your company, If your business is Cyber Essentials certified, it’s a clear sign to clients and partners that you can be trusted with their data and personal information.

Cyber Essentials is also required for many Government and public-sector contracts, making it a key driver of new sales and business growth. Cyber Essentials Plus is an extended version of Cyber Essentials, with additional security controls, that unlocks more public-sector opportunities.

What’s involved in Cyber Essentials certification?

With over 80% of UK businesses vulnerable to avoidable security threats, the Cyber Essentials framework has been designed as a strong security baseline for every business in every industry. Mapping against five simple technical controls means it’s easy to achieve Cyber Essentials certification. These include:

• Access control
• Firewalls and routers
• Malware protection
• Secure configuration
• Software updates

Cyber Essentials

• Reassure clients and partners that you regard cyber security as important.
• Be listed in the Cyber Essentials Directory of organisations.
• Attract new business with industry standard prerequisites.

How do you achieve a Cyber Essentials Certification?

Completed as a self-assessment questionnaire via an online portal and based around the five key technical controls above. The certification ensures that you are protected from a wide range of the most serious cyber threats. This is critical because being vulnerable to basic threats will make you a target for attacks from cyber criminals.

Once the assessment is completed and your company has reached all the security standards put in place, the accredited body will verify your answers to ensure you’re compliant.

Cyber Essentials Plus

This extends upon Cyber Essentials and you will need to complete a Cyber Essentials Plus audit within three months of your Cyber Essentials basic certification.

 A representative from the accredited body will be attending your business premises and undertaking a more thorough review of your IT systems.

This will include gathering evidence for the following:

• Can malicious files enter the organisation from the internet through either web traffic or email messages.
• Should malicious content enter the organisation, how effective are the anti-virus and malware protection mechanisms.
• Should the organisation’s protection mechanisms fail, how likely is it that the organisation will be compromised due to failings in the patching of the organisation’s workstations.

By having a Cyber Essential Plus Certification you will be able to:

• Reassure customers that you are secured against cyber-attack.
• Attract new business with potential customers aware you have implemented cyber security measures.
• You clearly understand your organisation’s cyber security level.
• Unlock public sector opportunities as some Government contracts require Cyber Essentials certification.

If you wish to become certified, there are no prerequisites and we have qualified and experienced assessors to guide you through the process.