Blog

WHAT IS CYBER ESSENTIALS?

September 11th, 2017 by Mark Daly in ilicomm News No Comments »
WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions

WHAT IS CYBER ESSENTIALS?

Cyber Essentials (CE) is a government-backed cyber security certification scheme that sets out a baseline of cyber security suitable for all organisations. The scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.

The certification can server as a valuable indicator that the organisation has taken the necessary measures to reduce the risk of a cyber attack.

The scheme focuses on the following five essential mitigation strategies:

  • Boundary Firewalls and Internet Gateways
  • Secure Configuration
  • Access Control
  • Malware Protection
  • Patch Management

 

A set of 5 key controls which will provide cost-effective, basic cyber security for organisations of all sizes:

WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions

Secure Configuration

WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions

Boundary firewalls and internet gateways

WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions

Access control and administrative privilege management

WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions

Patch management

WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions

Malware protection

 

 

“80% of cyber attacks could be prevented if businesses put simple security controls in place”. (GCHQ, 2015)

 

 

 

Why does my business need Cyber Essentials?

Apart from implementing good practice for Cyber Security and protecting your organisation, it is mandatory for anyone in the supply chain of central government to be Cyber Essentials certified. Enterprise businesses are now asking for organisations to be Cyber Essentials certified in order to qualify for tendering opportunities.

  • Basic security controls that organisations can implement to mitigate against common threats.
  • A shared vocabulary whereby a company can demonstrate to customers and other external bodies that they have taken essential precautions against cyber risks.
  • Anyone in the Central Government supply chain will be required to be Cyber Essentials Scheme compliant.

Two levels of certification

WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions
CYBER ESSENTIALS

The Cyber Essentials certification process includes a self-assessment questionnaire (SAQ) This is coupled with vulnerability scans depending on how many devices are presenting themselves to the outside world.

WHAT IS CYBER ESSENTIALS? ilicomm Technology Solutions
CYBER ESSENTIALS PLUS

Cyber Essentials Plus certification includes all of the Cyber Essentials elements, together with an increased level of examination provided by onsite evaluations of endpoint security.

It Provides a higher level of internal and external assurance as it involves a more hands on approach by a certification body.

 

 

The Cyber Essentials process

WHAT IS CYBER ESSENTIALS? ilicomm Technology SolutionsSystems in scope for certification are decided between the organisation and the certifying body.
WHAT IS CYBER ESSENTIALS? ilicomm Technology SolutionsThe organisation fills in a questionnaire to self-assess their implementations of the Cyber Essentials control themes
WHAT IS CYBER ESSENTIALS? ilicomm Technology SolutionsCertifying body scores the questionnaire and vulnerability scan and determines a pass/fail result.
WHAT IS CYBER ESSENTIALS? ilicomm Technology SolutionsCertifying body issues the certificate.

Copyright: tashatuvango / 123RF Stock Photo

Comments are closed.