Cyber Essentials overview and requirements

Cyber Essentials is one of the easiest and most effective ways to know that you have done your due diligence on cybersecurity for your business.

Not only does it protect you against the common cyber threats out there, but it demonstrates to others that you’ve done so.

If you’re bidding for a government contract or want to aim for partnerships with large organisations, it’s essentially a must these days.

But what is Cyber Essentials exactly? What are the requirements? Why is it important?

Let’s find out:

What is Cyber Essentials?

It’s easiest to think of Cyber Essentials as a checklist of cybersecurity tasks. If you complete them, you get a certification from the National Cyber Security Centre (NCSC).

The Cyber Essentials scheme is backed by the UK government as it is a straightforward way to know that an organisation has done its groundwork to protect itself (and its partners and customers).

Cyber Essentials and Cyber Essentials Plus – what’s the difference?

There are two different levels of certification in the Cyber Essentials scheme:

  1. Cyber Essentials – the standard level includes a checklist of “security controls” (tasks, systems, and processes) you must have in place and assess yourself as meeting.
  2. Cyber Essentials Plus – at the more advanced level you will have your efforts assessed by an external specialist.

Why is Cyber Essentials certification important?

1) Know you are cybersecure

Many organisations struggle to know exactly what targets they are trying to hit when it comes to cybersecurity.

Cyber Essentials does away with the mystery. You’ll know exactly what you need to be aiming at.

If you do everything needed for the base-level certification, you should stop 4 out of every 5 cyber attacks.

2) Demonstrate your security to your clients

Data breaches and hacks where client information was stolen are in the news depressingly often (with the responsible brands taking reputation hits).

Modern consumers are increasingly aware that businesses that have their details should have the security in place to protect them.

Basic cybersecurity measures like those outlined in the Cyber Essentials scheme give existing and potential new clients peace of mind that you are protecting their data.

3) It’s required for many contracts

As mentioned, you need to be Cyber Essentials certified in order to bid for government contracts.

But it’s becoming more common in general business too. No one wants their own hard work protecting their company to be undermined by a careless new partner or supplier.

Cyber Essentials requirements – what are they?

There are five different requirements for the Cyber Essentials scheme:

  1. Firewalls – should only allow necessary network services access to the internet and keep them secure when they’re there.
  2. Malware and untrusted software cover – should be in place on every device.
  3. Proper configuration – all devices should be securely configured so they don’t provide extraneous services that may create security gaps.
  4. User Access – should be restricted to authorised people and the specific services they need to access.
  5. Security updates – should be managed and regular so that no known issues are left unprotected.

Start your road to Cyber Essentials today

Cyber Essentials isn’t too complex and doesn’t have a high price tag attached. Compared with the risks of not being cybersecure, the cost is minuscule.

You can start with a simple Cyber Essentials readiness assessment today. If you’re already on Microsoft 365, you might find part of the work is already done for you.

Even if not, it’s time to get started. The first steps can be pretty straightforward (especially if you have a little expert help on your side).

Dial A Geek are now a Cyber Essentials Certification Body.

Want to talk it over? Let us know where your business is now and where you’d like it to be in 5 years’ time. We’ll let you know whether Cyber Essentials is the way to go. We can even do it all for you, from making sure you’re ready to pass, to awarding the certification!

Dial A Geek has helped over 1000 organisations in Bristol and beyond protect and grow their business.

Set up a cost and commitment-free chat with Chief Geek Gildas Jones today.
