CYBER ESSENTIALS SCHEME
Achieving a strong cyber security structure for your business can consume significant amounts of time, money, specialist expertise and resource. The Cyber Essentials scheme as a Government backed industry recognised certification for cyber security.
What is the Cyber Essentials Scheme?
The Cyber Essentials certification enables all UK businesses to adhere to a series of Cyber Security principles to safeguard their business data, clients data and participate in high value tenders that require this certification. Cyber Essentials helps businesses to mitigate against phishing attacks including malware, malicious email and website links and hacking opportunities by exploring the known vulnerabilities in internet connected servers and devices. All risks are identified within an audit prior to the certification submission and weaknesses are identified.
Why Cyber Essentials?
Properly implemented cyber security has the additional advantage of driving business efficiency throughout the organisation, saving money and improving productivity. The five security controls that form the framework of both Cyber Essentials certifications, could prevent “around 80% of cyber attacks”.
Cyber Essentials Certification Costs
Our affordable packages include a thorough on-site audit of your current setup, which includes a list of recommendations in line with Cyber Essentials’ strict certification criteria. The Plus certification is awarded by the official Cyber Essentials accreditation body called Crest.
The two types of Cyber Essentials Certifications
Cyber Essentials Standard Certification
This affordable certification is awarded on the basis of a verified self-assessment. However to achieve this the business needs to put in place a series of detailed policies and process which take time to assess and implement. Infinity Group help businesses to then undertake their own assessment via the official online questionnaire. This questionnaire is then verified by one of our independent Assessors to assess whether an appropriate standard has been achieved, and the Cyber Essentials Standard is then awarded.
Ideal for businesses who:
- Want to demonstrate Government backed IT Security compliance
- Are looking for an enhancement of their ISO 2001 certification
- Keen to work towards obtaining the Cyber Essentials Plus Certification
Cyber Essentials Plus Certification
The Cyber Essentials Plus certification can only be obtained by a business after the Cyber Essentials Standard has been awarded. This fully audited certification is awarded by an external certifying body and offers a higher level of assurance through the external testing of the businesses cyber security approach, a thorough security scan of the network is undertaken by us and all vulnerabilities are identified.
Ideal for businesses who:
- Want to tender for large value projects
- Work with highly regulated industries
- Are looking for an enhancement of their ISO 2001 certification
(Cyber Essentials Plus only available once Cyber Essentials Standard has been achieved)
The core benefits of the Cyber Essentials Certifications
1: Risk Mitigation
Cyber Essentials helps businesses to identify the risks it faces when it comes to cyber security and in order to achieve the certification there needs to be specific processes and structures in place every year.
2: Stand Alone Assurance
Broader standards and frameworks such as ISO 27001, PCI, COBIT, or the ISF Standard of Good Practice provide a different type of protection. As Cyber Essentials as a stand-alone assurance programme, it’s affordable for all businesses. Many businesses that already have the ISO 27001 also have Cyber Essentials, and some opt for Cyber Essentials only.
3: Protection from Cyber Threats
Thousands of businesses every year fall victims of cyber security hacks which cost time, money and potentially the loss of company and client data. Cyber Essentials ensures processes and the correct setup is in place to prevent this.
4: Data Protection
At present, data protection is regulated by the Data Protection Act 1998, which is very dated. However, within the next two years the New EU General Data Protection Regulation (GDPR) will come into force. Business owners are now solely responsible for the security of clients data in line with the new regulation. Cyber Essentials helps identify weaknesses and puts processes in place to protect data.
5: Customer Reassurance
Many high value tenders now require the ISO 27001 accreditation as well as Cyber Essentials as it’s industry recognised and demonstrates strong compliance.
We look forward to discussing your Cyber Essentials requirements in more detail.