Whether you’re new to Cyber Essentials or are looking to recertify, the vSOC CERT service simplifies this for you. We’ll give you a toolkit consisting of expertise and software tools to help you achieve Cyber Essentials certification. Most importantly, these features will help you stay compliant throughout the year, improving your security and eradicating future pressures on resources.
This eliminates the headaches associated with recertification, regardless of whether they’re changes within your IT environment or certification revisions. A lot can happen within a year: your organisation may open new offices, acquire a new business, or software / operating systems might become end of life.
We take a different approach to Cyber Essentials, starting with a workshop. We explain the certification process, giving you scoping and questionnaire guidance that will be updated throughout the year and providing a roadmap in which we prioritise the current risk exposure to your organisation. This will give you the remediation actions needed to become Cyber Essentials compliant.
Often, at recertification, new revisions can cause disruption and confusion. By working with us, you won’t be caught off guard by any certification changes announced by the National Cyber Security Centre (NCSC) and IASME. Through a range of means, we’ll keep you updated, be it via the vSOC Connect Console, CERT newsletter, support team or webinars.
Cyber security is what we do all day, every day. With vSOC CERT, our support isn’t just point in time but is all year round. To assist in keeping you Cyber Essentials compliant throughout the year, our highly accredited and experienced Cyber Essentials team will hold progression workshops, answer any questions, provide advice and support you with changes.
Are you invested in further improving your cyber security health? With vSOC Assure, you can achieve Cyber Essentials while accelerating your organisation’s cyber security transformation. We offer a comprehensive analysis of your cyber security posture, followed by a strategic roadmap with prioritised, actionable steps. Our experienced and accredited team are always on hand to guide you.
At Data Connect, we are cyber security focused, providing end-to-end security services to organisations.
We’re a highly experienced certification body for both Cyber Essentials and Cyber Essentials Plus. Our aim is to ensure you get the most value from the certification process, while bolstering your security and simplifying the process.
With the clear visibility provided by vSOC Connect Console, you’ll easily identify if you’re compliant with the Cyber Essentials certification. If you’ve fallen below the standard, we’ll provide a clear indication of what needs to be done to get you back to compliance
To achieve Cyber Essentials certification, you must ensure that vulnerabilities with an available patch have been updated within two weeks of the patch’s release. We’ll install a sample set of agents so we can populate a list of the vulnerabilities making you non-compliant. The dashboard includes a severity score and step-by-step remedial actions, which are prioritised in order of urgency
Our Cyber Essentials workshop will highlight any gaps stopping you from being certified. These are turned into a roadmap and prioritised into actionable steps. Allocate jobs and manage the project with full visibility across your team. Once they’re done, mark projects as completed, so they can then be verified by our tech team
For complete transparency and control over the certification journey, you’ll receive access to multiple dashboards within the vSOC Connect Console. Our team will provide an induction to the vSOC Connect Console to make sure you get the most out of it
Whether it’s your first time certifying or you are recertifying, the process can often feel long and complicated due to the number of areas or employees that need to be involved. With our vSOC Connect Console, we’ve simplified the process by giving you easy access to the question set, key dynamic metrics, support from our experts and the option to drill down into each technical control area
The dashboard has a certification tracker that shows the percentage of how far through the process you are. One important step within this process is that our Cyber Essentials assessors verify whether your answers meet the requirements before adding them to your score. This means you can have full confidence in the score you’re given
With the clear visibility provided by vSOC Connect Console, you’ll easily identify if you’re compliant with the Cyber Essentials certification. If you’ve fallen below the standard, we’ll provide a clear indication of what needs to be done to get you back to compliance
To achieve Cyber Essentials certification, you must ensure that vulnerabilities with an available patch have been updated within two weeks of the patch’s release. We’ll install a sample set of agents so we can populate a list of the vulnerabilities making you non-compliant. The dashboard includes a severity score and step-by-step remedial actions, which are prioritised in order of urgency
Our Cyber Essentials workshop will highlight any gaps stopping you from being certified. These are turned into a roadmap and prioritised into actionable steps. Allocate jobs and manage the project with full visibility across your team. Once they’re done, mark projects as completed, so they can then be verified by our tech team
For complete transparency and control over the certification journey, you’ll receive access to multiple dashboards within the vSOC Connect Console. Our team will provide an induction to the vSOC Connect Console to make sure you get the most out of it
Whether it’s your first time certifying or you are recertifying, the process can often feel long and complicated due to the number of areas or employees that need to be involved. With our vSOC Connect Console, we’ve simplified the process by giving you easy access to the question set, key dynamic metrics, support from our experts and the option to drill down into each technical control area
The dashboard has a certification tracker that shows the percentage of how far through the process you are. One important step within this process is that our Cyber Essentials assessors verify whether your answers meet the requirements before adding them to your score. This means you can have full confidence in the score you’re given
By trusting us at Data Connect, you’ll get an array of certification tools, expert support and the confidence in your procedures all year round. Our approach not only keeps you protected from the most common cyber attacks but it also saves you time and helps you control the workload more effectively each year.
There are many drivers for wanting Cyber Essentials:
Increased Credibility | Lower Insurance Premiums | Improvements to Cyber Defences | Further Understanding of the Threat Landscape | Opportunities to Bid for Government Funding or Contracts
Regardless of their size, many organisations can’t pass Cyber Essentials without effecting change. With question sets and requirements altering annually, misunderstanding the scope is a common reason for failure. However, our annual service simplifies certification, ensures compliance throughout the year and takes the headache out of your renewal.
Cyber Essentials is a UK government-backed scheme that helps organisations of any size and sector improve their cyber security and protect themselves against the most common cyber attacks. For example, by following the Cyber Essentials requirements, you can minimise the risk of phishing, malware and ransomware attacks. In fact, the CEO of the NCSC, Lindy Cameron stated that organisations with Cyber Essentials are 80% less likely to make a claim on cyber insurance than those that don't have Cyber Essentials.
The scheme is built upon organisations following the five core technical controls which are:
boundary firewalls & internet gateways
The question set works as a Cyber Essentials checklist, telling an organisation exactly what needs to be in place to meet the Cyber Essentials requirements. The question set can be found here.
However, many organisations struggle not only to pass Cyber Essentials but also to fully understand their scope without the right guidance. Getting this wrong, does not just lengthen the certification process but leaves gaps in your security as Cyber Essentials is seen as the security foundations and stops the most common cyber attacks.
Due to the certificate being valid for 12 months, this confusion often continues at recertification as business changes throughout the year or revisions to the scheme question set / IT requirements can change your answers and scope.
Cyber Essentials is a self–assessment questionnaire that an organisation must fill out. Then, a certification body, such as Data Connect, will check the answers and decide if it’s a pass or fail.
The difference between Cyber Essentials and Cyber Essentials Plus is how the Plus version is audited by the certification body rather than a simple form submission. The certification body must perform various technical tests to verify that the Cyber Essentials controls are all in place.
The certification is also valid for 12 months and an organisation must achieve Cyber Essentials first. If you are interested in Cyber Essentials Plus, as a certification body we are able to discuss your scope and the certification options available to you depending on your precise situation.
Like with Cyber Essentials, there are a vast range of benefits to the Cyber Essentials Plus certification such as improvements to your organisation’s cyber defences, lower insurance premiums and opportunities to bid for government contracts. While Cyber Essentials Plus uses the same question set and IT requirements, it is more rigorous giving your stakeholders, internal and external, far greater confidence and credibility.
The five core controls are:
Boundary Firewalls & Internet Gateways | Secure Configurations | Access Controls | Malware Protection | Security Updates
However, due to the complexity and ever-evolving nature of the threat landscape, not all of the Cyber Essentials requirements fit neatly into these five controls. The reason for this is the scheme's aim being to keep organisations protected against the most common cyber attacks, which can only be achieved if the NCSC and IASME regularly revise the criteria as a defence against emerging threats.
There’s a useful tool called the Cyber Essentials Certificate Search available on the IASME website. Through a simple directory search format, you are able search all organisations that have gained Cyber Essentials or Cyber Essentials Plus. All you need to do is enter the name of the organisation and you will be able to find out the level a business has achieved, certification numbers, the scope and certification dates.
This can be a fantastic tool if you’d like to find out who in your supply chain has Cyber Essentials or check out future suppliers/partners.