Cyber Essentials aims to help organisations implement basic levels of protection against cyber-attack, demonstrating to their clients and customers that they take cybersecurity seriously. The scheme is available at two levels:
Cyber Essentials – an independently verified self-assessment. Organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided.
Cyber Essentials PLUS – a higher level of assurance. A qualified and independent assessor examines the same five controls, testing that they work in practice by simulating basic hacking and phishing attacks.
The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled internet-based attackers using commodity capabilities – which are freely available on the internet.
Organisations that undertake Cyber Essentials are encouraged to recertify at least once a year and, where appropriate, progress their security. Since 1 October 2014, Cyber Essentials became a minimum requirement for bidding for some government contracts.
If your organisation is looking to implement Cyber Essentials or would like a discussion around any aspects of IT security, please contact us, we’ll be happy to help.
Aztec are Cyber Essentials certified and our certificate can be viewed here.