Cyber Essentials Scheme
The Cyber Essentials scheme is a UK Government backed cyber security initiative that aims to provide a standardized approach for businesses to assess security risks and show a commitment to the protection of the personal data of its customers and all stakeholders they relate with.
The scheme defines a series of technical and procedural controls to mitigate the risks associated with cyber threats.
There are two levels of certification:
This requires organisations to complete a self-assessment questionnaire and the responses are reviewed by an external certifying body.
What are the benefits of Cyber Essentials
Cyber Essentials consists of five key controls which, when implemented, help to secure your organisation against cyber-attacks. These are:
Securing access to network services
Configuring your systems to reduce vulnerabilities
Ensure access to your data and services is assigned to authorised users only
Using and maintaining virus and malware protection
Keeping your applications up-to-date with necessary patches and security fixes
Organisations can defend against the most common form of basic cyber-attacks originating from the internet by deploying the above controls hence preventing to illegitimate access to their systems.
Once passed, you’ll be able to display the Cyber Essentials logo on your website and marketing literature to demonstrate to your customers, suppliers, investors and stakeholders that your organisation is taking steps to protect against common cyber threats and take cyber security seriously.
Cyber Essentials Plus
This is a test of the organisation’s systems are carried out by an external certifying body.
Cyber Essentials Plus offers businesses the opportunity to take their security to the next level and cannot be undertaken without first being Cyber Essentials certified.
Cyber Essentials Plus is aimed at businesses with a more complex IT infrastructure and by achieving it, you can reassure and demonstrate to your customers that you have a higher level of commitment to security, which will further increase their confidence in your business.
To complete the Cyber Essentials Plus accreditation, you will also need to pass a final technical audit.