You will need to have appropriate and effective security measures in place as information may become unreliable and untrustworthy, may not be accessible where or when required, or may be compromised by unauthorised third parties. We work closely with expert providers that can deliver this on your behalf.
What is Cyber Essentials?
Cyber Essentials aims to help organisations implement basic levels of protection against cyber attack, demonstrating to their customers that they take cyber security seriously.
The Cyber Essentials scheme is available at two levels, and an additional Two Levels of the IASME standard, that run alongside the Cyber Essentials scheme:
- Cyber Essentials– an independently verified self-assessment. Organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided.
- IASME Governance– In addition to Cyber Essentials scheme the IASME governance standard is completed at the same time as Cyber Essentials and is along the same lines as the ISO27001 but specifically for small and Medium size companies.
- IASME Gold– The Gold standard is a higher level where a qualified and independent assessor examines the Cyber Essentials and IASME Governance controls, testing that they work in practice, and each examination independently audited.
- GDPR Readiness– GDPR will require more than just the Cyber Essentials basic technical controls. By certifying to the IASME governance standard as well you show your organisation has a wider governance system for management of the controls protecting personal data. The IASME governance standard adds a number of topics to Cyber Essentials which will really help with GDPR compliance, such as assessing business risks, training staff, dealing with incidents and handling operational issues.
- Cyber Essentials PLUS– a higher level of assurance. A qualified and independent assessor examines the same five controls, testing that they work in practice by simulating basic hacking and phishing attacks, and also includes external and internal vulnerability scans, with the on-site technical assessment.
The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled internet-based attackers using commodity capabilities – which are freely available on the internet. The five controls are:
- Boundary firewalls and internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
Why Cyber Essentials?
In 2015, nearly three-quarters (73%) of small UK organisations reported a security breach (an increase on the 2013 and 2014 numbers), whilst the average cost of a security breach to a UK based SME is estimated at £115,000. A primary objective of the UK Government’s National Cyber Security Strategy is to make the UK a safer place to conduct online business.
Cyber Essentials helps you to:
- Demonstrate to your stakeholders that you take cyber security seriously
- Gain competitive advantage over competitors who aren’t certified
- Reduce your risk of cyber-attack by 80%
- Be part of a scheme that is industry backed and supported.
What we offer
As an IASME accredited Cyber Essentials certification body, our expert provider can provide you with the support and expertise you need to achieve the government Cyber Essentials and Cyber Essentials Plus certification for your organisation.
As a value added IASME-accredited Cyber Essentials Certification Body, with skilled network testers, our expert provider can recommend and implement any specific solutions to address any points of failure to ensure compliance and maximum security. Upon registration you will have a unique login to our portal where you can track and monitor progress throughout the accreditation process.