What is Cyber Essentials?
Cyber Essentials is a simple but effective, Government-backed scheme that will help you to protect your organisations equipment, whatever its size, against a whole range of common cyber attacks.
Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked.
If you are interested in CE, we would complete an initial audit (which is often free) and provide a short report on areas that require consideration. We can also include a proposal and costs to implement recommendations and provide Professional Services to take you safely through the journey.
It may be that very little is required (particularly if you already use Microsoft 365). Or there may be software and hardware changes to be made along with set-up, programming and training.
Cyber Essentials (standard version)
The self-assessment option gives you protection against a wide variety of common cyber attacks. This is important because vulnerability to simple attacks can mark you out as target for more in-depth unwanted attention from cyber criminals and others.
Certification gives you peace of mind that your defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.
Cyber Essentials shows you how to address those basics and prevent the most common attacks.
Cyber Essentials Plus
Cyber Essentials Plus still has the Cyber Essentials trademark simplicity of approach, and the protections you need to put in place are the same, but for Cyber Essentials Plus a hands-on technical verification is carried out.
Alternatively, you can familiarise yourself with cyber security terminology, gaining enough knowledge to begin securing your IT.
Along with the standard questionnaire for the normal CE accreditation and Plus, there is a further questionnaire available that covers GDPR. It may be sensible to complete this extra ‘step’ (but not mandatory) since GDPR is so tightly linked to the aspects covered by CE.
Getting verified for CE – the standard edition (not Plus)
A self-assessment option that demonstrates you have key controls in place to help protect against a wide variety of the most common cyber attacks. It includes a self-assessment questionnaire and an external vulnerability scan. The certification process has been designed to easy to follow and cover the areas of your computer systems that need protection.
Getting verified for the ‘Plus’ Accreditation
A self-assessment option that demonstrates you have key controls in place to help protect against a wide variety of the most common cyber attacks. Cyber Esentials Plus includes a self-assessment questionnaire, an external vulnerability scan, an additional internal scan and an on-site assessment of your computer equipment to make sure you’re following the correct guidelines.
Ensuring you maintain Cyber Protection and CE Compliance
Things change, particularly on your computer network.
We can provide a monthly service where we regularly check for any changes that may have been made on your network and ensure that all changes comply with the CE Accreditation.
This option is normally only available if we are also providing ongoing IT Support for your business or organisation.
Getting verified and accredited really only means you comply at that time. Unless you ensure that things continue to comply, you are leaving a loophole that might only be resolved when you come to re-visit it on renewal.
Cyber Liability Insurance
Once you are have achieved certification, you are also entitled to Cyber Liability insurance.
More details can be found HERE
Cyber Essentials – Requirements for IT Infrastructure
Cyber Essentials Plus – Illustrative Test Specification
Cyber Essentials Leaflet