What is Cyber Essentials?
In order to adopt good practices in information security, the UK government Department for Business, Innovation and Skills released a government-endorsed scheme called Cyber Essentials in 2014.
The scheme was introduced to ensure the protection of data, and for companies to understand how that data can be used, secured, or compromised. The scheme ensures that data is protected from common cyber threats online. Organisations can gain one of two Cyber Essentials badges, and it’s backed by the Federation of Small Businesses, the CBI, and many insurance companies who offer incentives to businesses.
The Cyber Essentials certification is required for any suppliers to the UK government who handle any sensitive and personal information and any companies bidding for government contracts needed this certification.
The Cyber Essentials certification process requires five technical controls in your company, and in order to pass the self-certification your organisation must meet all of the requirements:
The two levels of certification
There are two levels of certification – Cyber Essentials, and Cyber Essentials PLUS.
Cyber Essentials is the DIY version. The organisation completes a self-assessment questionnaire and the responses are independently reviewed by an external certifying body.
Cyber Essentials PLUS has the same requirements as Cyber Essentials, except the system tests are carried out by an external certifying body, using tools and techniques which your company may not have access to.
An independent auditor completes the assessment by completing a security vulnerability scan of your IT infrastructure. The information gathered will guide any remedial actions, ensuring the company will meet the five technical controls to demonstrate good practice of information governance. As the external body works through your certification, you also have to supply evidence to ensure you meet all requirements.
This latest accreditation is part of the ongoing commitment at Outsource to continually improve our expertise and strive to deliver on our promise that everyone should benefit from the highest possible standards.