Everything you wanted to know about Cyber Essentials but were afraid to ask!
The growing cyber threat
For any organisation the consequences of a cyber security breach include financial costs, damage to systems and lost data, as well as reputational damage.
What is Cyber Essentials?
The Government has introduced the Cyber Essentials scheme, to address five key controls that, when implemented correctly, can prevent around 80% of cyber-attacks:
- Malware Protection– i.e. using anti-virus software
- Patch Management – i.e. updating software
- Access Control – i.e. restricting access to those that need it
- Secure Configuration – i.e. setting up systems securely
- Boundary Firewalls – to prevent unauthorised access.
Why do you need Cyber Essentials?
Achieving the Cyber Essentials standard will enable organisations to:
- Ensure that they are protected against common cyber threats
- Show their customers that they take cyber security seriously
- Bid for Government contracts.UK government contracts which involve handling personal information demand suppliers hold Cyber Essentials.
Cyber Essentials also helps organisations to identify and implement the security measures needed to protect personal information and avoid breaching data protection regulations.
Achieving Cyber Essentials
There are two levels of Cyber Essentials certification:
Cyber Essentials certification offers a basic level of assurance and can be achieved at low cost via self-assessment.
Cyber Essentials Plus covers the same requirements but provides a higher level of assurance as the organisation’s cyber security standards are tested by an external certifying body.