News & Insights

Fourtify’s Cyber Security FAQ’s

11 July 2022Consultancy, Cyber Awareness, Cyber Essentials
Cyber Security employee at desk

Fourtify Cyber Security FAQs | Cyber Essentials and IASME

We frequently get asked a number of questions regarding Cyber Essentials and IASME so thought it would be helpful to list some of them here for you.

If the below list doesn’t answer all of your questions, please do reach out to the team on hello@fourtify.co.uk and we will get back to you as soon as possible with an answer.

 

What is Cyber Security?

The National Cyber Security Council describe Cyber Security as an approach by which individuals and organisations reduce the risk of becoming victims of cyber attack.

Cyber security’s core function is to protect the devices we all use (smartphones, laptops, tablets and computers), and the services we access – both online and at work – from theft or malicious activity. It’s also about preventing unauthorised access to the vast amounts of personal information we store on these devices, and online.

Cyber security is important because smartphones, computers and the internet are now such a fundamental part of modern life, that it’s difficult to imagine how we’d function without them. From online banking and shopping, to email and business transactions, it’s more important than ever to implement steps that can help prevent cyber criminals getting hold of our accounts, data, and devices.

 

What is Cyber Essentials / What is Cyber Essentials Plus?

The Cyber Essentials Certification scheme was developed by the National Cyber Security Council to encourage businesses to implement and manage five technical controls designed to ensure maximum protection for your business against the most common internet-based-threats.

Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature and carried out by relatively unskilled individuals or actors. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. Cyber Essentials is designed to prevent such attacks occurring to your business.

Cyber Essentials is available in two levels of Certification:

Cyber Essentials

The self-assessment option gives you protection against a wide variety of the most common cyber attacks. This is important because vulnerability to basic attacks can mark you out as target for more in-depth unwanted attention from cyber criminals and others.

Certification gives you peace of mind that your defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.

Cyber Essentials shows you how to address those and prevent the most common attacks.

Cyber Essentials Plus

Cyber Essentials Plus still has the Cyber Essentials trademark simplicity of approach, and the protections you need to put in place are the same, but for Cyber Essentials Plus a hands-on technical verification is carried out.

 

Who and What is IASME?

IASME stands for Information Assurance for Small to Medium Enterprises. Incorporated in 2012, IASME were one of five governing bodies for the Cyber Essentials Scheme which was launched by National Cyber Security Council. As of April 2020 IASME became the UK Governments sole Cyber Essentials Partner. IASME offer a number of Certifications which include:

  • Cyber Essentials
  • Cyber Essentials Plus
  • IASME Cyber Assurance
  • Civil Aviation Authority Assure Scheme
  • Maritime Cyber Baseline
  • IASME Counter Fraud Fundamentals (CFF) Scheme
  • IASME IOT Security Assured

IASME were founded on the principal that Cyber Security is an essential requirement for all organisations and their supply chains. By offering these certifications, IASME enable organisations of all sizes.

 

How long does it take to get Cyber Essentials Certified?

From the date you submit your application, Certification Bodies and IASME aim to return the results within 1 – 2 business days.

 

Is Cyber Essentials worth it?

By implementing the controls of Cyber Essentials and achieving certification, you are protecting your business against the majority of internet-based threats. The controls have been specifically designed to protect your business with maximum efficiency whilst maintaining an approach which is achievable for organisations of all sizes.

 

How long does Cyber Essentials last?

Cyber Essentials Certification lasts for 1 year from date of certification.

 

How many companies have Cyber Essentials?

It’s estimated that over 30,000 organisations currently hold Cyber Essentials however this growing year on year.

 

What does Cyber Essentials cover?

Cyber Essentials covers 5 technical controls which include:

  • Firewalls
  • Secure Configuration
  • User Access Control
  • Malware Protection
  • Security Update Management

 

How do I check if a company holds a valid Cyber Essentials Certificate?

You can search for valid certifications achieved by organisations in the last 12 months here: Cyber Essentials Certificate Search