Cyber Essentials Certification
The Cyber Essentials scheme is a simple yet effective, Government backed framework that will help protect your organisation against a range of the most common Internet-based cyber attacks. It provides a cyber security certification scheme that was developed as a part of the UK Government’s National Cyber Security Strategy. The Cyber Essentials scheme specifies the (5) basic control areas that all organisations should address in order to mitigate the risk from common cyber threats and demonstrate a clear commitment to improving their approach to cyber security. The controls are based on research conducted, which demonstrated that the majority of breaches occur as a result of a weakness in one or more of 5 key areas. These 5 areas, described below, form the basis of the Cyber Essentials controls.
The 5 Technical Control Areas
From 01 April 2020, the IASME Consortium (IASME) officially became the sole National Cyber Security Centre (NCSC), a part of GCHQ, Cyber Essentials Partner and URM is delighted to have been assessed and confirmed as a certification body (CB). The scheme offers two levels of certification.
Your certification options:
In addition to the verification of the self-assessment questionnaire, Cyber Essentials Plus involves a technical audit of the systems that are in-scope of the assessment. It includes a review of a sample set of user devices, all Internet gateways and all servers accessible to Internet users. The assessor will select a random sample of systems, typically around 10%. It also involves conducting an internal vulnerability test on your IT infrastructure, focusing on the security of workstations and mobile devices (including BYOD). Cyber Essentials Plus provides a greater level of assurance than the self-assessed level.
Although implementing Cyber Essentials is relatively straightforward, some organisations may need help in understanding what the controls mean for them and how to address them. If this is the case for your organisation, URM can support you through the process and help you achieve certification. URM has a large team of qualified assessors and is able to provide you with independent support and verification by different assessors.
Benefits of Certification:
- Reassure and demonstrate to customers that you take cyber security seriously
- Be listed in the National Cyber Security directory
- Attract new business with the assurance that you have cyber security measures in place
- Meet prerequisite requirements for participation in government contracts
URM has been providing certification to the cyber essentials scheme for a number of years and has a large team of experienced, pragmatic assessors who are here to support you and guide you through the process. Not only do we bring a wealth of cyber security knowledge, but also a wide and varied experience of all the leading cyber and information security standards. As such, you can be assured that you are getting advice that is right for you and your organisation, taking into account your sector, size and the information you are looking to protect. In addition, our large team of assessors enables us to guarantee a super-fast turnaround.