Trusted Security Provider
What Are the vSOC CERT Benefits?
COME ON BOARD ANY TIME
Whether you’re new to Cyber Essentials or are looking to recertify, the vSOC CERT service simplifies this for you. We’ll give you a toolkit consisting of expertise and software tools to help you achieve Cyber Essentials certification. Most importantly, these features will help you stay compliant throughout the year, improving your security and eradicating future pressures on resources.
SIMPLIFY RECERTIFICATION
This eliminates the headaches associated with recertification, regardless of whether they’re changes within your IT environment or certification revisions. A lot can happen within a year: your organisation may open new offices, acquire a new business, or software / operating systems might become end of life.
ROADMAP FOR COMPLIANCE
We take a different approach to Cyber Essentials, starting with a workshop. We explain the certification process, giving you scoping and questionnaire guidance that will be updated throughout the year and providing a roadmap in which we prioritise the current risk exposure to your organisation. This will give you the remediation actions needed to become Cyber Essentials compliant.
STAY AHEAD OF CYBER ESSENTIALS REVISIONS
Often, at recertification, new revisions can cause disruption and confusion. By working with us, you won’t be caught off guard by any certification changes announced by the National Cyber Security Centre (NCSC) and IASME. Through a range of means, we’ll keep you updated, be it via the vSOC Connect Console, CERT newsletter, support team or webinars.
TEAM OF CYBER ESSENTIALS ADVISORS AND ASSESSORS
Cyber security is what we do all day, every day. With vSOC CERT, our support isn’t just point in time but is all year round. To assist in keeping you Cyber Essentials compliant throughout the year, our highly accredited and experienced Cyber Essentials team will hold progression workshops, answer any questions, provide advice and support you with changes.
vSOC Assure
Are you invested in further improving your cyber security health? With vSOC Assure, you can achieve Cyber Essentials while accelerating your organisation’s cyber security transformation. We offer a comprehensive analysis of your cyber security posture, followed by a strategic roadmap with prioritised, actionable steps. Our experienced and accredited team are always on hand to guide you.
At Data Connect, we are cyber security focused, providing end-to-end security services to organisations.
We’re a highly experienced certification body for both Cyber Essentials and Cyber Essentials Plus. Our aim is to ensure you get the most value from the certification process, while bolstering your security and simplifying the process.
vSOC Connect Console
-
Check Ongoing Compliance
With the clear visibility provided by vSOC Connect Console, you’ll easily identify if you’re compliant with the Cyber Essentials certification. If you’ve fallen below the standard, we’ll provide a clear indication of what needs to be done to get you back to compliance
-
Check Vulnerability Gaps
To achieve Cyber Essentials certification, you must ensure that vulnerabilities with an available patch have been updated within two weeks of the patch’s release. We’ll install a sample set of agents so we can populate a list of the vulnerabilities making you non-compliant. The dashboard includes a severity score and step-by-step remedial actions, which are prioritised in order of urgency
-
Project Management
Our Cyber Essentials workshop will highlight any gaps stopping you from being certified. These are turned into a roadmap and prioritised into actionable steps. Allocate jobs and manage the project with full visibility across your team. Once they’re done, mark projects as completed, so they can then be verified by our tech team
-
Full Service Visibility
For complete transparency and control over the certification journey, you’ll receive access to multiple dashboards within the vSOC Connect Console. Our team will provide an induction to the vSOC Connect Console to make sure you get the most out of it
-
Dynamic and Clean Dashboard
Whether it’s your first time certifying or you are recertifying, the process can often feel long and complicated due to the number of areas or employees that need to be involved. With our vSOC Connect Console, we’ve simplified the process by giving you easy access to the question set, key dynamic metrics, support from our experts and the option to drill down into each technical control area
-
Track Your Progress
The dashboard has a certification tracker that shows the percentage of how far through the process you are. One important step within this process is that our Cyber Essentials assessors verify whether your answers meet the requirements before adding them to your score. This means you can have full confidence in the score you’re given
-
Check Ongoing Compliance
With the clear visibility provided by vSOC Connect Console, you’ll easily identify if you’re compliant with the Cyber Essentials certification. If you’ve fallen below the standard, we’ll provide a clear indication of what needs to be done to get you back to compliance
-
Check Vulnerability Gaps
To achieve Cyber Essentials certification, you must ensure that vulnerabilities with an available patch have been updated within two weeks of the patch’s release. We’ll install a sample set of agents so we can populate a list of the vulnerabilities making you non-compliant. The dashboard includes a severity score and step-by-step remedial actions, which are prioritised in order of urgency
-
Project Management
Our Cyber Essentials workshop will highlight any gaps stopping you from being certified. These are turned into a roadmap and prioritised into actionable steps. Allocate jobs and manage the project with full visibility across your team. Once they’re done, mark projects as completed, so they can then be verified by our tech team
-
Full Service Visibility
For complete transparency and control over the certification journey, you’ll receive access to multiple dashboards within the vSOC Connect Console. Our team will provide an induction to the vSOC Connect Console to make sure you get the most out of it
-
Dynamic and Clean Dashboard
Whether it’s your first time certifying or you are recertifying, the process can often feel long and complicated due to the number of areas or employees that need to be involved. With our vSOC Connect Console, we’ve simplified the process by giving you easy access to the question set, key dynamic metrics, support from our experts and the option to drill down into each technical control area
-
Track Your Progress
The dashboard has a certification tracker that shows the percentage of how far through the process you are. One important step within this process is that our Cyber Essentials assessors verify whether your answers meet the requirements before adding them to your score. This means you can have full confidence in the score you’re given
Why Data Connect?
By trusting us at Data Connect, you’ll get an array of certification tools, expert support and the confidence in your procedures all year round. Our approach not only keeps you protected from the most common cyber attacks but it also saves you time and helps you control the workload more effectively each year.
- Valuable insight throughout the year about compliance
- External verification from a highly accredited security team
- Work with a business that cares about building strong relationships
- Understand your cyber security posture and bolster your security defences
Ready To Begin Your Certification Journey?
Ready To Begin Your Certification Journey?
There are many drivers for wanting Cyber Essentials:Â
Increased Credibility | Lower Insurance Premiums | Improvements to Cyber Defences | Further Understanding of the Threat Landscape | Opportunities to Bid for Government Funding or Contracts
Regardless of their size, many organisations can’t pass Cyber Essentials without effecting change. With question sets and requirements altering annually, misunderstanding the scope is a common reason for failure. However, our annual service simplifies certification, ensures compliance throughout the year and takes the headache out of your renewal.
Services
vSOC Assure
vSOC Alert
vSOC Aware
vSOC Manage
vSOC Recon
FAQs
What is Cyber Essentials?
Cyber Essentials is a UK government-backed scheme that helps organisations of any size and sector improve their cyber security and protect themselves against the most common cyber attacks. For example, by following the Cyber Essentials requirements, you can minimise the risk of phishing, malware and ransomware attacks. In fact, the CEO of the NCSC, Lindy Cameron stated that organisations with Cyber Essentials are 80% less likely to make a claim on cyber insurance than those that don't have Cyber Essentials.
The scheme is built upon organisations following the five core technical controls which are:
boundary firewalls & internet gateways​ | access controls​ | secure configurations |​ malware protection​ | security updates​
The question set works as a Cyber Essentials checklist, telling an organisation exactly what needs to be in place to meet the Cyber Essentials requirements. The question set can be found here.
However, many organisations struggle not only to pass Cyber Essentials but also to fully understand their scope without the right guidance. Getting this wrong, does not just lengthen the certification process but leaves gaps in your security as Cyber Essentials is seen as the security foundations and stops the most common cyber attacks.
Due to the certificate being valid for 12 months, this confusion often continues at recertification as business changes throughout the year or revisions to the scheme question set / IT requirements can change your answers and scope.
What is Cyber Essentials Plus?
Cyber Essentials is a self–assessment questionnaire that an organisation must fill out. Then, a certification body, such as Data Connect, will check the answers and decide if it’s a pass or fail.
The difference between Cyber Essentials and Cyber Essentials Plus is how the Plus version is audited by the certification body rather than a simple form submission. The certification body must perform various technical tests to verify that the Cyber Essentials controls are all in place.
The certification is also valid for 12 months and an organisation must achieve Cyber Essentials first. If you are interested in Cyber Essentials Plus, as a certification body we are able to discuss your scope and the certification options available to you depending on your precise situation.
Like with Cyber Essentials, there are a vast range of benefits to the Cyber Essentials Plus certification such as improvements to your organisation’s cyber defences, lower insurance premiums and opportunities to bid for government contracts. While Cyber Essentials Plus uses the same question set and IT requirements, it is more rigorous giving your stakeholders, internal and external, far greater confidence and credibility.
What are the 5 core technical controls within Cyber Essentials?
The five core controls are:
Boundary Firewalls & Internet Gateways | Secure Configurations | Access Controls | Malware Protection | Security Updates
However, due to the complexity and ever-evolving nature of the threat landscape, not all of the Cyber Essentials requirements fit neatly into these five controls. The reason for this is the scheme's aim being to keep organisations protected against the most common cyber attacks, which can only be achieved if the NCSC and IASME regularly revise the criteria as a defence against emerging threats.
Where can I check who has Cyber Essentials?
There’s a useful tool called the Cyber Essentials Certificate Search available on the IASME website. Through a simple directory search format, you are able search all organisations that have gained Cyber Essentials or Cyber Essentials Plus. All you need to do is enter the name of the organisation and you will be able to find out the level a business has achieved, certification numbers, the scope and certification dates.
This can be a fantastic tool if you’d like to find out who in your supply chain has Cyber Essentials or check out future suppliers/partners.