The Cyber Essentials scheme is a fantastic way to improve your cyber security defences while assuring your customers and partners that you take cyber security seriously. Level 1 of the Cyber Essentials standard consists of a self-assessment in which you’ll confirm that your organisation has all the appropriate controls in place. An organisation has two options: it can either complete the self-assessment internally or work with an experienced certification body throughout the process.
With Level 2, which is Cyber Essentials Plus, unlike with the self-assessment version, a certification body must perform an audit to check that you’ve successfully met all five technical controls. The specifications needing to be met can raise many unknown questions regarding your organisation’s current security health. However, by opting for the audited Cyber Essentials standard, you can feel confident as a cyber security focused company will support you throughout the process and verify your answers.
With the help of the Data Connect team, you can rest assured that the certification process will be transparent and smooth.
Cyber Essentials is a government-backed scheme that outlines the five technical controls an organisation must have to ensure an effective level of security. The technical controls are firewalls, secure configuration, user access control, malware protection and patch management. The National Cyber Security Centre (NCSC) has assured organisations that, with Cyber Essentials, the most common cyber attacks can be prevented.
As the threat landscape evolves, the technical requirements can be updated by the two governing bodies, the NCSC and IASME, to reflect new security vulnerabilities. An organisation needs to reapply for the Cyber Essentials certification every 12 months, which validates that your current security protocols are effective in the current threat landscape.
Some organisations have the internal resources and experience to carry out the self-assessment process confidently and without guidance. If you choose this approach, you can select a trusted certification body to assess your completed questionnaire.
The Cyber Essentials Review Toolkit gives you a comprehensive set of tools and ongoing support from our cyber security experts throughout the year. Our technology and consultancy will simplify the certification process and ease your recertification for years to come.
At Data Connect, Cyber Essentials is more than ticking a box. We use the certification journey to understand your organisation’s challenges and IT environment, helping you understand the complex nature of current threats and keeping you on track for future compliance recertifications.
Please answer the following questions and complete the contact form to submit. A member of our team will be in touch shortly.
The Cyber Essentials Plus audit is an independent verification of the controls to which you will attest to within the Cyber Essentials questionnaire. The auditor will run tests on a sample set of devices for which your end users should be present and should run the tests under the guidance of the assessor. So long as the questionnaire has been answered correctly, your organisation should be able to pass the Cyber Essentials Plus standard.
This can vary dependant on the organisation. However by working with Data Connect we optimise the certification process by checking your technical controls and sorting out any issues before the Cyber Essentials Plus audit.
There are five core technical controls which include secure configurations, security updates, boundary firewalls and internet gateways, access controls and malware protection.
Yes due to Cyber Essentials being an internationally recognised standard. We have helped many international organisations achieve Cyber Essentials. In many cases, these businesses wanted to increase credibility within the UK market.
By working with Data Connect, you can be confident that your organisation is in the right hands. You'll be given a dedicated account manager who will continue to work with you. This means that they will be invested in you and your organisation, checking in and reminding you of future renewal dates.
Additionally, you can subscribe to our vSOC CERT (Cyber Essentials Review Toolkit) service, which allows you to check whether you are Cyber Essentials compliant throughout the year. You will have access to a range of benefits and powerful tools, while streamlining recertification.