Cyber Essentials is a government-backed security assurance scheme that was developed to support the UK Government’s National Cyber Security Strategy in improving the overall security posture of UK businesses and organisations on the Internet. The scheme was created due to the growing concerns over SMEs having a lack of sustainable information. The scheme aims to help organisations defend themselves against some of the basic and common forms of cyber attacks such as:
- - Boundary firewalls and Internet gateways
- - Secure configuration
- - Access control
- - Malware protection
- - Patch management
As a member of CREST, ProCheckUp is able to certify an organisation against the Cyber Essentials standard. Upon completion, ProCheckUp will issue an official Cyber Essentials certificate.
There are two levels of Cyber Essentials available:
- - CE:Requires the organisation to complete a self-assessment questionnaire, with responses independently reviewed by ProCheckUp. Additionally, the organisation’s externally facing infrastructure will be scanned for known vulnerabilities.
- - CE+: This covers the same requirements as Cyber Essentials, but will also include an onsite test against the internal workstation builds to check for patch levels and protections against phishing & malware.
Having a Cyber Essentials badge will:
- - Show due diligence and due care in keeping the organisation’s information security posture at a reasonable standard;
- - Improve customer confidence;
- - Allow organisations to bid for government contracts - Since October 2014, Cyber Essentials has been mandatory for suppliers of Government contracts which involve handling personal information and providing some ICT products and services.