The Cyber Essentials scheme has been developed by the Government and industry to fulfil two functions:
It provides clear guidance regarding the basic controls all organisations should implement to mitigate the risks from common internet-based threats.
Through the Assurance Framework it also offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that the company has taken essential precautions.
Cyber Essentials offers a sound foundation of basic IT hygiene measures that all types of organisations can implement and potentially build upon. The government believes that implementing these measures can significantly reduce an organisation’s cyber vulnerability. Please bear in mind, it does not offer a silver shield to remove all cyber security risk; for example, it is not designed to address more advanced, targeted attacks and hence organisations facing these threats will need to implement additional measures as part of their security strategy. What Cyber Essentials does do is define a focused set of controls which will provide cost-effective, basic cyber security for organisations of all sizes.
Back in 2012, the UK Government launched its ‘10 Steps to Cyber Security’ and subsequently the ‘Small Businesses: What you need to know about Cyber Security’ guidance manual to encourage organisations to consider how well they were managing their cyber risks. The Government emphasised the need for company Boards and senior executives to take ownership of these risks and ensure that they have considered them adequately in their risk management regime. The initiatives gained traction and industry was very receptive to the government’s cyber security advice and guidance.
After the success of these initiatives, industry wanted evidence for their dedication to cyber security and thus the Cyber Essentials accreditation was born.
The government has since worked with industry to develop new requirements. This is the Cyber Essentials scheme, which focuses on basic cyber hygiene.
The scope of the Cyber Essentials scheme covers the basics of cyber security in a small business or corporate IT system. Implementation of these controls can significantly reduce the risk of prevalent but unskilled cyber-attacks. For many organisations, especially those with significant information assets or those that are exposed to a wider range of threats, Cyber Essentials will be a practical component of wider ranging cyber security procedures.
Boundary firewalls and internet gateways – these are devices designed to prevent unauthorised access to or from private networks. Good setup of these devices either in software/hardware form is important for them to be fully effective.
Secure configuration – ensuring that systems are configured in the most secure way for the needs of the organisation.
Access control – ensuring only those who should have access to systems do have access and at the appropriate level.
Malware protection – ensuring that virus and malware protection is installed and is up to date.
Patch management – ensuring the latest supported version of applications is used and all the necessary patches supplied by the vendor have been applied.
The basic Cyber Essentials is a self-certified process. You can go through the tick list and work on your systems yourself or alternatively we are available at Apex Computing Services Ltd to carry out the work on your behalf. We are based in Salford Quays, Manchester but can travel anywhere in the U.K.
Xyone then passes the paperwork on to APMG, who are one of the five Accreditation Bodies specially selected by the National Cyber Security Centre (NCSC) to oversee Cyber Essentials. They are like an examination body who will give you the certificate to say you have been awarded the Cyber Essentials accreditation. You will then be allowed to put the Cyber Essentials Logo on your website & in email signatures. This is a badge that demonstrates that you take cyber security seriously and are dedicated to a safer cyber environment.
To find out more about the process and the accreditation bodies, check out the link.
As stories of organisations exposing customers’ information to cyber threats continue to create headlines in the media, it is becoming increasingly important for organisations to not only maintain a robust cyber security stance but also to demonstrate this to clients.
Cyber Essentials Plus is independently tested. The Plus test doesn’t just take your word for it, an independent adjudicator is sent out to assess if what you say has been carried out. The Cyber Essentials Plus holds a higher level of assurance through the external testing of the organisation’s security approach.
For more information on Cyber Essentials or Cyber Essentials Plus, or for advice on basic Cyber Security give our Manchester based office a call on 0161 233 0099.
At Apex Computing Services, we’ve been growing with our clients year on year and now have a team of over 20 highly professional and experienced technical engineers covering all aspects of IT Support, Cloud Solutions and Network Management.
We’re proud of the service we deliver and of the relationships we build with our clients over the long term. No job is too small or too big for our qualified engineers and we cover all sectors including small businesses, large corporates and the education sector.
From Hosted Desktops and Mobile Working through to Server and Network Management, we can build and supply the solutions you require and we can install and maintain them too.
After consulting other competitors on the market we were blown away by Apex Computing. They understood our needs, offered a personal service and to date have performed exceptionally. I really can't recommend them enough.
Apex is a fantastic IT support company with great people and client service. We are in regular contact with them and have never had a bad experience. We value their knowledge here at Embryo Digital and they support us with any IT issues we have with incredible care and attention.
Our company has grown considerably since Apex first started to support us in 2009 and they have been pivotal in making sure our IT infrastructure has been able to support this growth. Our company operates 24/7 and monitors over 25,000 manned guards. Apex has always responded quickly to solve any problems and never failed to answer the phone at any time.
As soon as we joined Apex, we immediately noticed a sharp increase in the number of IT Support calls we were making; not because of any increase in the number of IT issues we were experiencing, but simply due to the fact that we knew any issues we might have would be fixed promptly and efficiently, and therefore had no inhibitions in calling on Apex for help.
We have been using Apex Computing Services for over 5 years for our IT Support. Over the years of working with Director Chris Gorman and the support engineer team they have really gone above and beyond our expectations. I trust Chris and the team to handle any of our IT support issues and find them extremely helpful and they are a joy to work with.
We have continued to get excellent service and support from Apex Computing Services. With Manchester Carers being a local independent charity, we rely on an honest, trustworthy and innovative IT support company. We are really happy with the service we have received over the years and we value their IT knowledge and expertise. They take corporate social responsibility really seriously.
As a small business we have tried to concentrate on giving service to our customers rather than spending too much time getting a proper computer system infrastructure to cope with increasing work. As a result we suffered and Apex Computing came to our rescue going beyond expectations by trying to sort our existing problem before offering a full solution. I thoroughly recommend them.
We are a full service IT Support Company offering a huge range of services, including: