What is Cyber Essentials?
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.
There are two options:
- Cyber Essentials
- Cyber Essentials Plus
The ‘Plus’ option includes verification by an external auditor; it tends to be much more onerous than the standard Cyber Essentials.
We work with IASME, one of five companies appointed as Accreditation Bodies for assessing and certifying against the Government’s Cyber Essentials Scheme. IASME also offers a GDPR Readiness certificate, so our clients often achieve a combination of certification:
- Cyber Essentials with GDPR readiness certificate
Why Cyber Essentials?
Achieving the Cyber Essentials certification shows your commitment to IT security. It demonstrates to your customers and potential customers that you have the systems and procedures in place to protect your organisation and your data. You can use the Cyber Essentials logo on your website and other marketing materials and you will also be listed on the government’s Cyber Essentials web site.
If you want to bid for government contracts you will need to be Cyber Essentials compliant.
IT security breaches are extremely painful and can be very costly in terms of finance and reputation. While the Cyber Essentials certification does not guarantee protection, it is a great tool to make sure you have assessed the risks and taken appropriate measures.
How Riverbank can help
Cyber Essentials is a self-assessment process. So, while you can take a do-it-yourself approach, many organisations need professional guidance to carry out a gap analysis to identify the areas of non-conformance. Most importantly, they need help to take the most appropriate remedial action to protect themselves without adding excessive friction to their business.
Riverbank will take you right through the process, from initial assessment to certification. After that, we can continue to work with you to monitor and manage your IT security and manage your annual renewal.
There are four steps to Cyber Essentials certification.
To prepare your company for Cyber Essentials the process starts with a security gap analysis. Riverbank will come on-site to gather the information required and prepare a gap analysis. This will produce a statement of where there are gaps that need to be filled prior to taking the Cyber Essentials assessment.
The next step is ensuring that there are the technologies, services and policies in place to get your cyber security up to the standard required for Cyber Essentials. We will supply, install and manage the solutions you need. If you have any specialist requirements, we will help you identify the right suppliers.
Once your business’s security is up to standard, the next step is to complete the assessment questionnaire and submit to the accreditation body. Riverbank will do this and, because we have done the work prior to the assessment, all the major steps should be covered. If there are any outstanding items, we have 48 hours to resubmit the questionnaire for approval.
Security and the threats are constantly evolving and because of this security is not a “set it and forget it” activity. Your security needs to be reviewed at least annually via a Cyber Security re-assessment. You also need a partner that can manage and monitor your environment to identify and take action against any threats on a day to day basis.
To find out more about Cyber Essentials, contact us via email or on 01235 426 700. Alternatively, fill in the form below.