5 Technical Controls of Cyber Essentials
Malware Protection
Malware Protection is critical to your business security. Malware Protection is designed to detect, delete or block malicious code which could be used to encrypt your device, steal or delete your data.
Secure Configuration
Secure Configuration should be a high priority for every business. It protects your business against known vulnerabilities and ensures you actively minimise threats to your organisation.
Patch Management
Patch Management is a key control within Cyber Essentials. Patches fix vulnerabilities which attackers can exploit. When a new security patch is released you should be implementing within 14 days to achieve certification.
Boundary Firewalls
Firewalls are your first line of defence. By analysing all the data arriving through your internet connection, a correctly configured firewall will block malicious programmes and attackers from gaining access to your systems.
Access Control
Access Control should be fundamental to your business. It controls who has access to what information and resources. Effective Access Control makes sure users are who they say they are.
Why should you get certified?
The majority of cyber attacks use relatively simple methods which exploit basic vulnerabilities in software and computer systems. There are tools and techniques openly available on the Internet which enable even low-skilled actors to exploit these common vulnerabilities. By implementing the Cyber Essentials controls, organisations are enhancing their cyber security posture and better equipping themselves to deal with the growing cyber threats.
Cyber Essentials and Cyber Essentials Plus are backed by the UK Government and are proven to be an effective scheme that will help protect your organisation against some of the most common cyber threats, such as:
- Phishing attacks
- Malware
- Ransomware
- Password guessing
- Network attacks
Is Cyber Essentials right for me?
The scheme is often mandated, or actively encouraged, across an increasing number of Government and Private sector contracts. For MoD contracts, it is required throughout the supply chain.
The NCSC designed Cyber Essentials to be flexible, meaning that it’s applicable to organisations of all sizes and all sectors. It’s a Certification that reassures your current and potential future clients that you take your Cyber Security seriously.
The Information Commissioner’s Office (ICO) recognises the Cyber Essentials scheme and its ability to provide certain security assurances and helps protect personal data in an organisation’s IT system. ‘Get in line with Cyber Essentials’ is a section in the ICO’s ‘A practical guide to IT security’ publication.
Cyber Liability Insurance is included for organisations with a turnover under £20,000,000.00 who achieve a verified self-assessed certification which covers the whole of their organisation.
Benefits of Cyber Essentials
Recognised by UK Government
IASME work in partnership with the National Cyber Security Council to create and manage these standards supported by UK Government.
Win New Business
Win work with the UK Government. Organisations are required to hold Cyber Essentials for contracts which handle sensitive or personal data.
Reassure Your Customers
Reassure your customers and steakholders that you take Data Protection seriously. By achieving Cyber Essentials or Cyber Essentials Plus Certification.
Cyber Liability Insurance
Opt-in for FREE Cyber Liability Insurance for UK based organisation upon achieving Cyber Essentials if your turnover is less then £20,000,000.00.
Affordable and Flexible Security Standard
Cyber Essentials and Cyber Essentials Plus have been specifically designed to be achievable and affordable with SMEs in mind.