Cyber Essentials has been developed by the UK Government, in conjunction with industry to provide clear guidelines of the basic controls that organisations should implement to protect against the most prevalent threats from the internet. The Government believes that implementing these controls can significantly reduce an organisation’s risk exposure. The small set of controls defined within the Cyber Essentials scheme will provide cost-effective, basic cyber security for organisations of all sizes.
Cyberis provides Cyber Essentials and Cyber Essentials Plus Services in line with the CREST Cyber Essentials Assurance Scheme (http://www.crest-approved.org/cyber-essentials/index.html)
The Cyber Essentials certification consists of two steps.
- A verified self-assessment questionnaire that declares your organisation’s compliance to the requirements of Cyber Essentials, and signed by a company director.
- A simple technical assessment your organisation’s internet facing presence is performed, to identify areas where the controls defined by Cyber Essentials are not implemented or implemented correctly.
Cyber Essentials Plus
The Cyber Essentials Plus certification encompasses all the elements of Cyber Essentials, with some added assurance activities. These activities investigate the controls you have implemented to protect your internal servers, desktops and mobile devices from the most prevalent attacks.
- Provide cost-effective assurance to your customers that you are protected from the most common internet based attacks.
- Demonstrate due diligence in the protection of your own information and that of your clients.
- Develop and implement some basic good security practices security.
- Identify and remediate weaknesses in your existing controls.