What is Cyber Essentials and What has changed in 2020
You have heard about Cyber Essentials. Either one of your tenders documents asked for it or a client of yours asked for it or you just want to go through the process and achieve the certification. Good. You heard many different things about Cyber Essentials but none of them are very clear. So what exactly is Cyber Essentials?
What is Cyber Essentials?
Cyber Essentials is a certification for businesses that was introduced and backed by the UK government and supported by the industry. When the past Cyber attacks were analysed 85% of the most common cyber attacks could have been prevented by achieving the fundamental cyber hygiene. That’s how the Cyber Essentials certification was born. As the name suggests it looks at essentials of Cyber Security in your business.
There are 5 different areas the business needs to achieve compliance in order to achieve the certification. They are Firewalls, Secure configuration, User Access controls, Patch Management and Malware management. For more information please refer to our blog post ‘Everything you need to know about Cyber Essentials’.
Why is the Cyber Essentials important?
Cyber Essentials certification has been increasingly important and being asked in a number of tender documents now. Cyber Essentials has the benefits of Staying ahead of the competition, showing your commitment to Cyber Security and most importantly, most government contracts require you to have the Cyber Essentials Certification in place. For more information please visit our blog ‘Why Cyber Essentials is important?’
What’s changed for Cyber Essentials in 2020?
Cyber Essentials certification was first introduced in 2014 in the UK and ever since there have been 5 accreditation bodies. Each accreditation body has several Certification bodies under them. All the 5 accreditation bodies had their own process for going through Cyber Essentials and Cyber Essentials Plus certifications. However, in 2019, National Cyber Security Centre (NCSC) has decided to streamline the process of achieving accreditation and have only one accreditation body to issue the certificates. IASME, one of the accreditation bodies from the 5 won the tender to manage the Cyber Essentials programme in the UK.
From 1st April 2020, there has been only one accreditation body looking after the Cyber Essentials certification. All the certification bodies have to be registered with IASME. IASME set out the standard criteria to become the Certification body and also has the process to achieve the Cyber Essentials certification.
The most noticeable change is, if a business is looking to achieve Cyber Essentials Plus certification it has to achieve the Cyber Essentials certification first. Once passed, apply for the Cyber Essentials Plus certification. In short, you will need both to achieve the advanced level of the certification.
If the business fails in Cyber Essentials the business will have 3 days to fix the issues and re-apply without any penalties/extra costs. For Cyber Essentials Plus it’s 15 days. Please look at our blog post ‘How do I pass Cyber Essentials’ to know what’s needed for Cyber Essentials.
I hope this blog has shed some light on Cyber Essentials and it’s changes. Do get in touch if you have any further questions at all. Our contact details are below. Cheers
Get certified today
Cyber Essentials Basic - CEB001
2 Days for Remediation
1 Day Turnaround
£25k Cyber Insurance*
Guided Cyber Essentials - CEB002
Everything in CEB001 plus
Cyber Essentials Plus - CEP001
Everything in CEB002 Plus
30 Day Remediation
Systems Audit (remote)
Guided CE Plus - CEP002
Everything in CEP001 plus
Pre- systems Audit
Gap Analysis report
Cyber Essentials Plus accreditation/certification explained
The article dives deep into what Cyber Essentials Plus accreditation/certification is, the requirements for the certification, cost and the process to achieve it.More
IASMECyber Essentials questionnaire
Read or Download the IASME Cyber Essentials Questionnaire pdf copy here. The questionnaire has different sections laid out for all the controls as well as providing the preparation advice.More
What is the process for Cyber Essentials Plus Certification?
Cyber Essentials Plus accreditation involves the auditing of your IT systems. Read the article to know what exactly is involved in the process.More
What exactly is involved in Cyber Essentials Plus audit?
Cyber Essentials Plus accreditation involves the auditing of your IT systems. Read the article to know what exactly is involved in he audit process.More
FOR LATEST UPDATES SUBSCRIBE HERE: