What is Cyber Essentials?
The Cyber Essentials scheme provides businesses small and large with clarity on good basic cyber security practice. By focusing on basic cyber hygiene, your company will be better protected from the most common cyber threats. Cyber Essentials certification is awarded on the basis of a verified self-assessment.
An organisation undertakes a review of their Cyber Security posture via an appropriate questionnaire, which is then approved by a company’s senior executive such as the CEO. This questionnaire is then verified by an independent Certification Body to assess whether a safe standard has been achieved, then certification can be awarded. This option offers a basic level of assurance and can be achieved at a very low cost.
Origin of Cyber Essentials
Cyber Essentials – Key Controls
Business Scope
To implement the five key controls, you will need to determine the scope of your business. Once you know the scope, you can apply this to each of the five key categories.Access Control
User accounts, especially those with special admin rights have the highest level of access to sensitive information. Find out how you can protect against misuse of these special privilegesBoundary Firewalls
Firewalls are used to stop intruders and cyber attackers from gaining access to your sensitive data. Boundary firewalls protect your computers from internet based attacksMalware Protection
Viruses, worms and spywares are a major threat to your business. These malware can leave your computers vulnerable to malicious software and cyber attacksPatch Management
Vulnerabilities are inherent in all types of everyday software, and new threats are being discovered on a daily basis. Patch management and keeping your systems up to date is vitalSecure Configuration
Configuring your computers and network devices such as routers is crucial to the security of your systems. The default settings need proper configuration for optimal securityHow Do You Get Certified?
The first step to getting certified is completing the Cyber Essentials Questionnaire. The questions are designed to demonstrate that your organisation is complying with the Cyber Essentials guidelines. After the completed questionnaire is signed off by a senior executive from your company, then the questionnaire must be verified by an external assessor. If your application is successful, your organisation can be awarded the Cyber Essentials Badge.
A list of Certifying Bodies can be found here.
Download the FREE original documents from the links below
– Cyber Essentials Summary
– Cyber Essentials Requirements
– Cyber Essentials Assurance Framework
– Cyber Essentials Common Questionnaire
This document has been prepared with the assistance of the IASME Consortium Ltd and CREST (GB) Ltd, and is derived from work carried out by those organisations under contract to HMG (BIS, CESG, Cabinet Office) during the development of the Cyber Essentials Scheme.