What is Cyber Essentials and What has changed in 2020
You have heard about Cyber Essentials. Either one of your tenders documents asked for it or a client of yours asked for it or you just want to go through the process and achieve the certification. Good. You heard many different things about Cyber Essentials but none of them are very clear. So what exactly is Cyber Essentials?
What is Cyber Essentials?
Cyber Essentials is a certification for businesses that was introduced and backed by the UK government and supported by the industry. When the past Cyber attacks were analysed 85% of the most common cyber attacks could have been prevented by achieving the fundamental cyber hygiene. That’s how the Cyber Essentials certification was born. As the name suggests it looks at essentials of Cyber Security in your business.
There are 5 different areas the business needs to achieve compliance in order to achieve the certification. They are Firewalls, Secure configuration, User Access controls, Patch Management and Malware management. For more information please refer to our blog post ‘Everything you need to know about Cyber Essentials’.
Why is the Cyber Essentials important?
Cyber Essentials certification has been increasingly important and being asked in a number of tender documents now. Cyber Essentials has the benefits of Staying ahead of the competition, showing your commitment to Cyber Security and most importantly, most government contracts require you to have the Cyber Essentials Certification in place. For more information please visit our blog ‘Why Cyber Essentials is important?’
What’s changed for Cyber Essentials in 2020?
Cyber Essentials certification was first introduced in 2014 in the UK and ever since there have been 5 accreditation bodies. Each accreditation body has several Certification bodies under them. All the 5 accreditation bodies had their own process for going through Cyber Essentials and Cyber Essentials Plus certifications. However, in 2019, National Cyber Security Centre (NCSC) has decided to streamline the process of achieving accreditation and have only one accreditation body to issue the certificates. IASME, one of the accreditation bodies from the 5 won the tender to manage the Cyber Essentials programme in the UK.
From 1st April 2020, there has been only one accreditation body looking after the Cyber Essentials certification. All the certification bodies have to be registered with IASME. IASME set out the standard criteria to become the Certification body and also has the process to achieve the Cyber Essentials certification.
The most noticeable change is, if a business is looking to achieve Cyber Essentials Plus certification it has to achieve the Cyber Essentials certification first. Once passed, apply for the Cyber Essentials Plus certification. In short, you will need both to achieve the advanced level of the certification.
If the business fails in Cyber Essentials the business will have 3 days to fix the issues and re-apply without any penalties/extra costs. For Cyber Essentials Plus it’s 15 days. Please look at our blog post ‘How do I pass Cyber Essentials’ to know what’s needed for Cyber Essentials.
I hope this blog has shed some light on Cyber Essentials and it’s changes. Do get in touch if you have any further questions at all. Our contact details are below. Cheers
- What is Email Phishing and how to detect & prevent phishing emails?
- Cyber Essentials Scheme Patching Requirements
- Quick tips to improve your board’s cybersecurity awareness
- Cyber Essentials Plus Checklist
- How Do I Pass Cyber Essentials plus Certification?
- Why is Cyber Essentials Important?
- Protecting your Work From Home Workforce
- Risks of staying with Windows 7
- How to implement a SIEM
- Deadline for the Cyber Essentials Voucher
- Congratulations to the Techforce Sponsorship winners
- Secure Your Supply Chain
- Case study: British Airways Fined £183.4million for Data Breach
- The Silver Bullet in Cyber Security
- Is it a good idea to build your own Security Awareness Training platform?
- Invoice fraud email scams and Office 365
- How to apply for the Cyber Essentials Voucher Scheme
- 5 things to consider when selecting a Security Awareness Training (SAT) platform
- 2 Years, Marmite and £600,000
- What is Business Email Compromise (BEC) and how to stop it
- Everything you need to know about Cyber Essentials
- How to choose a Security Awareness Platform
- How to pick the best Antivirus software for your business
- 6 Quick and Easy Email Security Tips for Dummies
- How to carry out an email phishing test?
- How to share passwords safely in your Small Business
- 10 Steps to Cyber Security explained
- 5 Reasons why you should consider having two monitors
- What is Email phishing & why you need security awareness training in your business
- 6 Top Tips to Prevent Cyber Attacks
- How to choose the best IT Service Provider for your business
- How to choose the best Antivirus software for your business
What is Email Phishing and how to detect & prevent phishing emails?
Email Phishing is a form of social engineering. Phishing is the method of sending a deceptive email to make the recipient reveal sensitive information, click on a link or download a malicious file.More
Cyber Essentials Scheme Patching Requirements
You heard of the Cyber Essentials scheme. If not here Everything you need to know about Cyber Essentials. Patch management is one of the key technical controls of the Cyber Essentials Scheme.More
Quick tips to improve your board’s cybersecurity awareness
The boards of directors have a legal responsibility to protect their companies against business risk, but how to make them aware of the importance of cybersecurity?More
Cyber Essentials Plus Checklist
The UK government introduced the Cyber Essentials accreditation/certification in 2014 to protect the businesses being a victim of cyber attacks.More
FOR LATEST UPDATES SUBSCRIBE HERE: