Cyber essentials for business

Cyber Essentials is a new government backed and industry supported scheme to guide businesses in protecting themselves against cyber threats.

Protect your business

South West Cyber Security Cluster

South West Cyber Security Cluster A not-for-profit collaboration raising cyber security awareness and best practice in the South West for local businesses.

The Cyber Essentials scheme

The scheme provides businesses small and large with clarity on good basic cyber security practice. By focusing on basic cyber hygiene, your company will be better protected from the most common cyber threats.

Cyber Essentials is for all organisations, of all sizes, and in all sectors - we encourage all to adopt the requirements as appropriate to their business. This is not limited to companies in the private sector, but is also applicable to universities, charities, and public sector organisations.

Please visit the Cyber Essentials website to download the FREE documents on the guidance to implement essential security controls and take the quick self-assessment questionnaire. When completed your company will be able to display the Cyber Essential Badge.

The Cyber Essentials Badge

The badge allows your company to advertise the fact that it adheres to a government endorsed standard for protecting your business and your customers computer accessed information.

It will show consumers that your businesses has measures in place to help defend against common cyber threats, such as the recent GOZeuS and CryptoLocker malware attacks.

Other incentives to adopt the scheme

The scheme was introduced in April 2014. Until now, there has been no single recognised cyber-security assurance certification suitable for all businesses to adopt. Some insurers are offering incentives to businesses to become certified.

The scheme is a part of the government’s National Cyber Security Strategy.

Cyber Essentials Scheme Published

In 2012 the Government launched ‘10 Steps to Cyber Security’ and subsequently, ‘Small Businesses: What you need to know about cyber security’, guidance to encourage organisations to consider whether they were managing their cyber risks. The Government emphasised the need for company boards and senior executives to take ownership of these risks and enshrine them within their overall corporate risk management regime. However, government analysis of continuing attacks and feedback from industry vulnerability testers has identified that a number of security controls are still not being applied, leaving organisations vulnerable to threat actors with low levels of technical capability.

The full scheme, launched on 5 June 2014, enables organisations to gain one of two new Cyber Essentials badges. It is backed by industry including the Federation of Small Businesses, the CBI and a number of insurance organisations which are offering incentives for businesses.

The Cyber Essentials Requirements document sets out the necessary technical controls. The Assurance Framework shows how the independent assurance process works and the different levels of assessment that organisations can apply for to achieve the badges. It also contains guidance for security professionals carrying out the assessments.

The Cyber Essentials Scheme covers the basics of cyber security in an organisation’s enterprise or corporate IT system. Implementation of these controls can significantly reduce the risk of prevalent but unskilled cyber-attack.

A government requirement

The Government requires all suppliers bidding for certain sensitive and personal information handling contracts to be certified against the Cyber Essentials scheme.

The Government has launched the ‘Cyber Essentials’ scheme. This scheme has been developed by government and industry to fulfil two functions. Firstly, it provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet based threats. Secondly, the Assurance Framework offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions.

© College of Policing Limited (2014)
Digest July 2014

One to watch: Everyday Cybercrime!

Content uploaded: |
Content correct on page at last modification date.
Devon and Cornwall Police are NOT accountable for the content of external websites