Introducing Cyber Essentials
Posted on 23 October 2017
You may have heard ‘Cyber Essentials’ bounded about, or you might even recognise the logo, but one thing is certain, the number of organisations looking to achieve their accreditation is growing.
Cyber Essentials is a government-backed, industry supported scheme aimed to help organisations protect themselves against common cyber-attacks through standardized baseline IT security.
The standard is built around the ISO27001 framework and is designed to help complement this if you already have this certification in place.
So, when did it start?
The scheme was launched back in June 2014 with large organisations such as BAE, HP, Vodafone and Barclays being the first to apply for the scheme.
Who needs it?
If your business wishes to tender for work with the MOD or Government you will be required to achieve Cyber Essentials accreditation.
However, even if you are not working with the MOD or Government, your customers or suppliers may still request your business undertake the Cyber Essentials process. It’s a small price to pay when compared with the benefits most companies will gain from added security.
What does it cover?
Cyber Essentials is based on 5 basic controls which help protect against internet-based attackers.
- Boundary firewalls and internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
Which version do I need, Standard or Plus?
For most companies, the Standard version is enough to make the required changes to strengthen your cyber security.
Cyber Essentials Standard is a self-assessment questionnaire which is then assessed by an external certified body, resulting in a pass or fail.
Cyber Essentials Plus is the same as above but also includes an onsite assessment which involves checking security best practices are implemented and perform a basic vulnerability assessment.
How can Enhanced Help?
We’ve already helped certify two customers to ‘Cyber Essentials PLUS’ level, with several others going through the Cyber Essentials Standard level. Enhanced can pre-audit, provide recommendations and implement the required steps that will enable your business to gain certification. In addition, our highly trained team can support you through the self-assessment questionnaire for certification.
Download our Cyber Essentials infographic to find out more, or call a member of the Enhanced team on 01202 308000