News item

Cyber Essentials - Show your customers you’re serious about cyber security

Cyber Essentials is a UK government scheme that aims to highlight security issues from internet-based threats. Becoming Cyber Essentials certified shows your customers you’re following best practices for IT security.

Cyber Essentials was launched by the Department for Business, Innovation and Skills (BIS) to help businesses avoid the risk of internet-based threats to their IT systems. The scheme is a response to the growing prevalence of cyber-attacks on businesses, such as hacking for customers’ details or extortion via ransomware.

“Much like the MoT certificate for your car indicates it is road-worthy, the Cyber Essentials certification shows that your business has passed a series of tests and follows best practices to be cyber-secure,” explains Chris Joberns, managing director for Strident.

The scheme, which is now run by the National Cyber Security Centre (part of GCHQ) and a requirement for businesses wishing to supply government departments, focuses on five key elements;

  • Secure your Internet connection
  • Secure your devices and software
  • Control access to your data and services
  • Protect from viruses and other malware
  • Keep your devices and software up to date

“As the General Data Protection Regulation comes into effect this month, many businesses have data security and data control at the top of their agenda. Although becoming Cyber Essentials certified doesn’t make you GDPR-compliant, it shows that you have considered and protected yourself against data loss through a cyber-attack,” adds Chris.

There are two certification levels; Cyber Essentials and Cyber Essentials Plus. The first is a self-assessment that consists of a check-list of requirements that demonstrates you are meeting the required standard. This is submitted to an independent assessor, such as the British Standards Institute, to review and perform a vulnerability scan. If successful, you’ll be certified for one year. Cyber Essentials Plus is a much more detailed analysis and a technical assessor will visit your premises to verify your devices and procedures.

“Strident is very proactive in IT security and many of the actions required by Cyber Essentials, such as up-to-date security patches of software, are frequently carried out by us for our customers,” says Chris. “This will enable our customers to reach the Cyber Essentials standard with ease.”