28 July 2015 Comments Off on What is Cyber Essentials? Resources
A high level overview of the scheme
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks. Launched in 2014, it has proved highly effective with as much as 99.3% attacks being mitigated by achieving Cyber Essentials.
It was designed to not only provide protection but to assure the customers, partners and interested parties of an organisation that security measures are in place via an independently issued certification.
What’s contained in Cyber Essentials?
Cyber Essentials is a collection of basic technical and policy controls which need to be implemented to meet the requirements.
The five control areas are:
Boundary Firewalls and Internet Gateways
The good news is these controls are prescriptively specified, so organisations know exactly what is required of them. The bad news is that interpreting, checking and implementing these controls can often be a project in itself.
That’s why we created CyberSmart – a platform that uses intelligent software to automatically check and guide organisations through remediation. Once devices and systems are compliant, organisations can then achieve certification within a single dashboard. In short, we reduce the time to certification from weeks or months to just days.
Who’s using Cyber Essentials?
Cyber Essentials has been widely adopted to assure the supply chain amongst the public sector – central government has mandated Cyber Essentials for any suppliers tendering for contracts handling sensitive data.
It has also seen adoption within the private sector, with companies such as Barclays, BT, Vodafone, Astra Zeneca and Airbus recommending or mandating their suppliers achieve Cyber Essentials.
Why do companies do Cyber Essentials?
The primary motivation for undertaking any security program should be to improve the security posture of an organisation, which results in the reduction of risk and potential damage of cyber attacks. In addition, certifications issued via our platform include £25,000 worth of cyber insurance coverage (terms apply).
Often, organisations will need to achieve Cyber Essentials if a potential customer or interested party has requested they demonstrate their security credentials.
Organisations looking to bid for government contracts (https://www.gov.uk/contracts-finder) handling sensitive data will need Cyber Essentials to tender.