There are numerous standards associated with governance and risk management of cyber security but the government found that many common cyber attacks were succeeding due to simple technical controls not being managed. This even occurred in companies with governance standards in place.
For this reason, the government is keen that all companies, including those who already have standards such as ISO27001, gain Cyber Essentials certification. Indeed, they have made certification mandatory for government contracts which deal with sensitive or personal data from 1st October 2014. From time to time, the government also provides grants to smaller businesses for improving their cyber security posture.
As an IASME-accredited Cyber Essentials certification body, our assessments are subject to moderation and audit by IASME and/or CESG to ensure quality, conformance and consistency.
Cyber Essentials benefits
- Eligibility for free Cyber Insurance cover for up to £25,000 in the event of a breach.
- Demonstrates to customers that your business takes cyber security seriously.
- Cyber Essentials provides a clear framework of basic security controls your organisation must have in place to confidently use the internet for your business.
- Cyber Essentials Plus provides third-party assurances that your cyber security controls are operating effectively.
- It provides a good baseline for building up to a more comprehensive information assurance management system such as the IASME standard or ISO27001:2013.
- Enable you to meet the UK Government’s requirement for all suppliers bidding for certain sensitive and personal information-handling contracts to be certified against the Cyber Essentials scheme.