With nearly a million Malware threats per day, cyber security is an essential requirement for any organisation and cannot be an afterthought.
The Cyber Essentials accreditation was launched in 2014 and was developed by the Government to provide a universal framework for all organisations. It provides a base level that businesses of all sizes can adhere to, ensuring confidence when working with partner organisations. In addition to providing confidence externally, it also provides an additional level of confidence internally, as Managers can feel safe in the knowledge that a best practice framework exists in the organisation.
The accreditation has been developed on the basis that bringing organisations to the table with the same basic level of security processes will reduce risk and increase confidence. It is a strategy that has paid off, with more than 200 organisations implementing the framework in less than two years. The more advanced version of the framework, Cyber Essentials Plus, has also seen impressive uptake. Roughly one in four accredited Cyber Essential organisations have adopted the additional certification.
It conveys to other organisations that you are serious about you clients and their security. While it is not a “Magic Bullet” and does not remove all risk associated with cyber security, it does remove everyday risks that can be easily avoided. It provides a cost-effective, basic level of protection that defines what cyber security is and why it is important. It provides a framework that can be adopted by the entire organisation, it is a best practice example and one that would be beneficial to organisations of any size.
More advanced attacks are much harder to defend against. Cyber Essentials will not provide the protection that is required to defend against these intrusions into your system but it hasn’t been designed that way. To roll out a certification that included prevention against all types of cyber-attack would be a monumental undertaking and not a cost effective one. What Cyber Essentials does well is that it treats businesses of all sizes the same. It provides them with an even playing field, with additional measures to be invested in if the business feels that they are appropriate.
Local authorities, other public sector and 3rd sector organisations need to be able to demonstrate an adequate level of cyber security if they are to take advantage of Internet-based resources. With this in mind Cyber Essentials/Cyber Essentials Plus Certification is fast becoming the new security baseline. This standard is maturing and becoming broadly commensurate with PSN standards and having it also ticks many of the boxes required for the new NHS Data Security and Protection Toolkit (DSP), formerly known as the IG Toolkit.
Hytec is pleased to be able to offer clients a free of charge Cyber Essentials gap analysis and report include a cyber-security maturity assessment. The gap analysis, maturity assessment and report is delivered by an experienced cyber security consultant and takes about half a day. The work will involve the production of a report that can be used for corrective actions and for general security baselining.