Cyber Essentials Certification
The Cyber Essentials scheme is a simple yet effective, Government backed framework that will help protect your organisation against a range of the most common Internet-based cyber attacks. It provides a cyber security certification scheme that was developed as a part of the UK Government’s National Cyber Security Strategy. The Cyber Essentials scheme specifies the (5) basic control areas that all organisations should address in order to mitigate the risk from common cyber threats and demonstrate a clear commitment to improving their approach to cyber security. The controls are based on research conducted, which demonstrated that the majority of breaches occur as a result of a weakness in one or more of 5 key areas. These 5 areas, described below, form the basis of the Cyber Essentials controls.
The 5 Technical Control Areas
Making sure that only those people who need access to specific information in your organisation have it and ensuring that this is monitored and checked regularly.
Choosing and applying the most secure settings for all of your devices and software by changing passwords and removing unused accounts and software.
Ensuring that your software and operating systems are regularly checked and updated with the latest patches to protect against vulnerabilities.
Reducing the likelihood of being infected by some form of malware including computer viruses, worms, spyware, botnet software and ransomware, by ensuring that you have correctly configured anti-malware software which only allows trusted applications.
Firewall and Routers
Creating a ‘buffer zone’ to allow you to analyse traffic looking to gain access to your network to establish whether or not it should be allowed.
From 01 April 2020, the IASME Consortium (IASME) officially became the sole National Cyber Security Centre (NCSC), a part of GCHQ, Cyber Essentials Partner and URM is delighted to have been assessed and confirmed as a certification body (CB). The scheme offers two levels of certification.
Your certification options:
An independently verified self-assessment. An online self- assessment questionnaire to be completed by the organisation and then assessed by URM.
Cyber Essentials Plus
Although implementing Cyber Essentials is relatively straightforward, some organisations may need help in understanding what the controls mean for them and how to address them. If this is the case for your organisation, URM can support you through the process and help you achieve certification. URM has a large team of qualified assessors and is able to provide you with independent support and verification by different assessors.
Benefits of Certification:
- Reassure and demonstrate to customers that you take cyber security seriously
- Be listed in the National Cyber Security directory
- Attract new business with the assurance that you have cyber security measures in place
- Meet prerequisite requirements for participation in government contracts
- Entitled to receive £25,000 cyber insurance* - 24-hour helpline providing crisis management and incident response services
*Applies to any organisation that achieves Cyber Essentials certification via an approved certification provider and where:
- The entire organisation is certified
- The organisation is domiciled in the UK
- The organisation’s annual turnover is under £20m
- The organisation opts-in to the insurance
More about Cyber Essentials
Our office is open 08:00 – 17:30 Monday to Friday.