Cyber Essentials

Certifying that the digital risks are managed

Cyber Essentials background

Organisations have always been at risk from criminal activity, and whilst protecting against physical break in was once a priority there is now a greater risk from cyber criminals who search for easy targets to commit fraud and steal.

If you have internet access you are a target from online fraud and theft.  But help is available in the form of Cyber Essentials, a scheme promoted by the UK Government to make it easier to check you have basic protection.

Cyber Essentials requires organisations to confirm five technical controls are in place:

  1. Boundary firewalls
  2. Secure configuration
  3. User Access control
  4. Malware protection
  5. Patch management

Cyber Essentials offers a certification process so you can demonstrate that you have the essential precautions in place.

 

Self Assesment
+ remote support

Includes self assessment fee

Introduction call

Same day objective

3 hours remote support from a qualified security expert

Pre-assessment review

Same day certification objective

£590

*one off fee

Self Assesment
+ onsite support

Includes self assessment fee

Introduction call

Scheduled day visit

1 day onsite support from a qualified security expert

Full pre-assessment review

Same day certification objective

£990

*one off fee

Managed Security
ongoing service

Includes self assessment fees

Quarterly review calls

2 scheduled visits

Scheduled support from a qualified security expert

Fully managed assessment

Continuous certification objective

£155

*12 month commitment

Why get certified to Cyber Essentials?

The Cyber Essentials standard offers a sound foundation of basic measures that any organisation can implement, and we agree that implementing these controls will significantly reduce the vulnerability and provide cost effective, cyber security for any sized organisation.

If a company is subject to a cyber attack and we find they haven’t taken steps to protect people’s personal information in line with the law, they could face a fine – ICO enforcement manager

Failing to protect your organisation can be costly in other ways, following a cyber attack an investigations by the Information Commissioner’s Office found a Berkshire based firm had failed to take basic steps to protect it’s website which resulted in a fine of £60 000.

Cyber Essentials certification will help to avoid suffering an attack and being penalised for a lack of action. It is also worth noting that the new General Data Protection Regulation (GDPR) comes into force in May 2018 and will raise the profile of security and data protection.

GDPR will be the most significant change in data privacy and security regulation in 20 years, and is intended to strengthen data protection for all individuals within the European Union.

Perhaps the most critical element of GDPR is the breach notification, which mandates that the ICO must be informed within 72 hours of any data loss and users informed “as soon as possible”.

Unsuprisingly, the Cyber Essentials scheme offers a big step towards being compliant with GDPR, and we can help to put the technical controls in place and achieving certification.

 

Cyber Essentials certification process

We will work with you to ensure the correct processes are in place for each of the five technical controls to help you to certify to the Cyber Essentials standard, and this includes:

  1. Preventing unauthorised access using boundary firewalls
  2. Setting up systems uisng secure configurations
  3. Restricting access to those who need it with user access control
  4. Protecting against malware using anti-virus software
  5. Creating processes for patch management

We will work through a pre-assesment questionnaire and create a gap analysis to baseline your current situation and propose a plan to rectify any issues.  Any remedial work can be understaken by your own team or by a Sytec expert.



26 Parkers Close, Downton Business Centre
Salisbury, Wiltshire, SP5 3RB, United Kingdom

Tel:  03333 44 2222
SMS: 079 0030 0030
Fax:  03333 44 7777

Registered in England No. 4037949
VAT No. GB 712128278

Designed by Sytec 2017