Cyber Essentials Assessment
What is a Cyber Essentials Assessment?
Cyber Essentials is a government backed scheme to help safeguard your organisation from some of the most common security risks which are prevalent in the world and provides you and your clients with a level of assurance that your systems are protected.
Get certified in 3 easy steps
Complete a simple online questionnaire.
Schedule your external vulnerability scan.
If everything is a pass we'll send your certificate.
Why Conduct A Cyber Essentials Assessment?
A large number of security incidents which occur are often the result of common attack vectors and automated exploit tools. Cyber essentials is a government backed scheme designed to assess your organisation against a number of these common attack techniques to provide an industry recognised security standard which can provide a level of assurance to your clients that you manage and maintain your data and systems securely.
The assessment has also become a requirement for those organisations wishing to bid for central government contracts which involve sensitive or personal data or the provision of technical products and services.
The Cyber Essentials Certification
The Cyber Essentials scheme breaks down into two Certifications, each of which assess your organisations policies, configurations and devices against a number of security standards to ensure your systems are safeguarded against the following categories.
Boundary Firewalls and Internet Gateways
The Cyber Essentials scheme aims to assess your organisation against a number of categories to ensure you are meeting a baseline security standard for policies, procedures and configurations.
The assessment also includes security testing against a range of common and automated threats which may target your publicly accessible systems.
Cyber Essentials PLUS
The Cyber Essentials PLUS scheme expands upon the Cyber Essentials scheme by incorporating an onsite assessment against a number of your key systems which are used on a day to day basis.
The Cyber Essentials scheme will allow your organisation to:
Improve the security of your services and systems against a government backed scheme
Provide assurance regarding your systems against a baseline security standard
Meet industry and regulatory body requirements for Cyber Essentials to be performed.
Gain access to a dedicated team of specialist CREST Registered penetration testers who will guide you through the Cyber Essentials process
+ Q: What is the difference between Cyber Essentials and a Penetration Test?
A penetration test is a manual and exhaustive assessment against your systems which seeks to identify any and all vulnerabilities and security issues which may be present or exploited by either an automated or targeted attack.
Cyber Essentials provides a baseline security standard for your organisation and safeguards against an array of common vulnerabilities but does not match the comprehensive assessment standards which a manual penetration test can provide.
+ Q: Why do I need to be Cyber Essentials Certified?
Many organisations will request evidence that you are treating security seriously and have protected your systems from the threat of compromise.
The Cyber Essentials scheme provides a baseline and industry recognised security standard which can be used to demonstrate your commitment to security and is a requirement for central government contracts which involve sensitive or personal data or the provision of technical products and services.
+ Q: What will I receive after the assessment has been completed?
The deliverable from any Cyber Essentials assessment is a complete report, detailing and contextualizing each identified vulnerability against your business and relaying the risks that each issue poses to your systems and services.
Upon successfully passing the Cyber Essentials scheme your organisation will receive a certificate and reference number to confirm the completion of your assessment and may be listed under the Cyber Essentials organisation registry.
Your organisation will also be able to use the Cyber Essentials branding on your website and a number of other promotional material.
+ Q: What systems are included within a Cyber Essentials assessment?
The scope for a Cyber Essentials and Cyber Essentials PLUS assessment can vary on a case by case basis depending upon your company’s specific setup and requirements.
To discuss the requirements for any Cyber Essentials assessment, please get in touch.