Ensuring systems and software are up to date and secure, preventing cyber criminals using vulnerabilities in your software to get into your systems.
Cyber Essentials - What you need to know
What is Cyber Essentials?
Cyber Essentials (CE) is a government-backed cyber security certification scheme that was introduced in 2014 by the National Cyber Security Centre (NCSC). In January 2023, a further update of the scheme was announced to ensure continual relevance as the cyber threat landscape evolves.
It’s an accredited programme designed to mitigate over 80% of threats. Certified companies enjoy peace of mind and are able prove to customers that their operations are trustworthy and secure.
The NCSC (part of GCHQ) introduced the Cyber Essentials scheme to make the UK and Crown Dependencies highly secure locations for digital business through affordable cyber protection. IASME is the designated certification partner, and the process focuses on five technical controls that guard against the most common types of cyber threat.
Do I need ANOTHER certification?
When looking for a potential supplier, diligent decision makers investigate the credentials of prospective organisations, and certification to Cyber Essentials is fast becoming a minimum requirement - indeed many public sector bodies will only deal with companies that are CE accredited. At a time when cybercrime is at epidemic proportions, we all prefer to deal with companies that take security seriously.
Cyber Essentials Basic: is the base level online process that’s checked by experts at IASME to determine alignment with the standard. It provides certified protection against a wide variety of cyber threats, and reduces the risk of a damaging cyber-attack.
Cyber Essentials Plus: provides the same approach and protection with an additional hands-on technical verification that involves an in-depth vulnerability scan and analysis of the organisation’s systems by a qualified assessor, who then personally verifies the business is compliant.
Cyber Essentials certification enables organisations to:
- Reassure customers that systems are protected against attacks from cyber-space.
- Attract new business with assurances that cyber security measures are in place.
- Provide clear evidence of the organisation’s cyber security protection level.
- Widen sales opportunities as customers increasingly require CE certification.
Simplifying the Red Tape process
Working with a security partner to guide you through the process at every step of the way is a recommended course of action for organisations needing speedy, and assured certification.
Many small and medium sized businesses struggle with the accreditation detail required and some questions can be difficult to understand without detailed technical knowledge of the systems. Remedial action may be required to gain certification, and support from experts also serves as a security audit for on-going protection and assurance.
Platform for on-going security
CE certification is a tried and tested ‘building block’ process for the on-going war against ever more sophisticated cybercrime. Having a level of protection that meets certified Government guidelines provides peace of mind and proof that you’re doing everything required to protect your systems and data - demonstrating to customers that you take security seriously.
Related articles
It’s not about predicting the future, but making it possible
Our Chief Technical information Officer Cyrille Joffre shares his highlights from the recent MWC in Barcelona.
Cyber Security tips for small businesses
We look at the main security risks for small businesses, and what they can be doing to increase protection against attacks.
Guernsey SASIG event highlights
Latest ransomware tactics, hybrid Clouds and more discussed at Guernsey security forum. Iain Davidson, Head of Enterprise Products at Sure Business, was in attendance and shares his insights on an important event.