Cyber Essentials fulfils two key functions:
- It provides a statement of the basic controls that all organisations should implement to mitigate the risk from common cyber threats
- It lays out a foundation of basic measures and procedures that organisations should put in place
How does the Cyber Essentials Scheme help your organisation?
Although it does not offer a solution to reduce all cyber security risks, nor does it address more advanced threats, it is often considered sufficient protection for the most common threats to most Small to Medium businesses.
As of October 2014, certain ICT Government contracts will only be awarded to companies which have been assessed as meeting the Cyber Essentials standards.
What is the process?
First talk to Grafx so we can help determine which level of Cyber Essentials that would best fit your organisation.
Cyber Essentials – a foundation level certification which organisations can get following a verified self-assessment. It offers a basic level of assurance and can be achieved for a relatively low cost.
Cyber Essentials Plus – a certification obtained after a more complex process of external and internal independent testing. It offers a much higher level of assurance by covering 5 areas:
- Boundary Firewalls and internet gateways
- Secure Configuration
- User Access Control
- Malware Protection
- Patch Management