Cyber Essentials was launched eight years ago. It is a government-backed set of standards which were introduced to help businesses build a robust infrastructure to minimise the risk of cyber attacks.
Because it is an externally-recognised certification, in addition to making a business more secure, Cyber Essentials can also provide assurances to customers or potential customers, about the standards that an organisation is working to.
There are two levels of certification – Cyber Essentials and Cyber Essentials Plus. The former is self-assessed and independently verified; the latter includes an independent technical audit to verify that the Cyber Essentials controls are in place.
Cyber Essentials controls are reviewed each year and may be adapted to reflect the ever-evolving world of cyber threats. This year’s changes relate to:
- Passwords and two-factor authentication
- Home working
- Device declaration and “Bring Your Own Device”
- Routers and Firewalls
- Cloud-based services such as Software as a Service (SaaS)
- “Thin clients” (otherwise known as remote desktop services)
Any business which currently has a Cyber Essentials certification will need to comply with the new controls by the time of their renewal date.
For more information, or for help in gaining certification, please give us a call or enter your contact details here.