Why you need Cyber Essentials
With the increasing prevalence of cyber-attacks, it’s necessary for you to protect your systems and business data from threats.
Pending changes in data protection regulations mean that liability for breaches falls upon you, as business owners and decision makers, to ensure that your business is adequately protected.
Endorsed by the BSI (British Standards Institute) among others, the Government’s Cyber Essentials scheme defines a set of basic controls to help you mitigate the risk from the most common types of cyber threats. By attaining this standard, it is estimated to reduce the threat of attack by up to 80%.
Best practice and recommendations
As well as demonstrating that you take cyber security seriously, the Cyber Essentials scheme will help you comply with associated ISO standards, the upcoming GDPR and ties in with the government’s Ten steps to Cyber Security.
At Air-IT, we are Cyber Essentials certified and accredited with many industry-leading security vendors. Through our experience, we can help you meet and exceed the requirements by making recommendations and outlining any associated actions you may need to take to gain the standard.
Five key controls used under the scheme are:
1. Secure configuration
This control requires you to have sound policies in place, together with well-defined processes to maintain your security. It recognises the fact that security is an on-going exercise.
2. Boundary firewalls and Internet gateways
You must protect your internal network against attacks from the Internet.
3. Access controls and admin privilege management
It’s important that you prevent accidental and intentional damage caused by current or former employees.
4. Patch management
Attackers constantly identify and exploit software vulnerabilities. It’s critical that you apply hotfixes and patches to address these vulnerabilities.
5. Malware protection
Most people are familiar with anti-spam and anti-virus protection, but user awareness training for employees will also fall under this control.
Why it’s important to get certified
In addition to the benefits above, certification demonstrates to your stakeholders and customers that you’re committed to keeping their data safe. It shows that you have met the assurance framework successfully and not least, will help you reduce the risks associated with cyber-attack.
Also, if you intend to bid on government contracts, certification is now a minimal requirement.
How Air-IT can help
We’ll perform an audit, and based on what we find we’ll provide a roadmap and make recommendations that help you prepare for the Cyber Essentials certification assessment.
Since cyber threats are on-going, we can also provide our managed Cyber Security services to bolster your on-going response to the cyber security challenge.
Find out more
If you would like further information about achieving Cyber Essentials, need support or advice on your cyber security needs, then please contact us today or call 0115 880 0044 to speak with an expert member of our team.