Cyber Essentials aims to help organisations implement basic levels of protection against cyber attack, demonstrating to their customers that they take cyber security seriously.
The Cyber Essentials scheme is available at two levels, and an additional Two Levels of the IASME standard, that run alongside the Cyber Essentials scheme:
The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled internet-based attackers using commodity capabilities – which are freely available on the internet. The five controls are:
Organisations that undertake Cyber Essentials are encouraged to recertify at least once a year and, where appropriate, progress their security.
Since 1 October 2014, Cyber Essentials became a minimum requirement for bidding for some government contracts. Details can be seen here.
IASME was one of a handful of non-governmental organisations on the drafting panel. We were there to represent small companies during the development of the Scheme.
There are numerous standards associated with governance and risk management of cyber security but the government found that many common cyber attacks were succeeding due to simple technical controls not being managed. This even occurred in companies with governance standards in place. For this reason, the government is keen that all companies, including those who already have standards such as ISO27001, gain certification to the Cyber Essentials.
You can see more details about the Cyber Essentials and download the requirements from the GOV.UK website
In 2015, nearly three-quarters (73%) of small UK organisations reported a security breach (an increase on the 2013 and 2014 numbers), whilst the average cost of a security breach to a UK based SME is estimated at £115,000.
A primary objective of the UK Government’s National Cyber Security Strategy is to make the UK a safer place to conduct online business.
Cyber Essentials helps you to:
As an IASME accredited Cyber Essentials certification body, Morgan & Morgan can provide you with the support and expertise you need to achieve the government Cyber Essentials and Cyber Essentials Plus certification for your organisation.
As a value added IASME-accredited Cyber Essentials Certification Body, with skilled network testers, Morgan & Morgan can recommend and implement any specific solutions to address any points of failure to ensure compliance and maximum security. Upon registration you will have a unique login to our portal where you can track and monitor progress throughout the accreditation process.
Contact us now to book a