Riverbank use Cyber Essentials as the baseline security standard for our clients to help protect themselves against cyber-attack. It is useful because it is a government created scheme and enables Riverbank to measure our customers IT security against what GCHQ recommends for business. Therefore, it is an independent and transparent standard trusted by businesses and government agencies in the UK.
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber-attacks.
There are two options:
The ‘Plus’ option includes verification by an external auditor; it has a higher standard and is more onerous than the standard Cyber Essentials. Regardless of which one you want or need; your business will start with Cyber Essentials and then progress onto Cyber Essentials Plus.
Riverbank work with IASME, one of five companies appointed as Accreditation Bodies for assessing and certifying against the Government's Cyber Essentials Scheme. IASME also offers a GDPR Readiness certificate, so our clients often achieve a combination of certification: Cyber Essentials with GDPR readiness certificate.
Achieving the Cyber Essentials certification shows your commitment to IT security. It demonstrates to your customers and potential customers that you have the systems and procedures in place to protect your organisation and your data. You can use the Cyber Essentials logo on your web site and other marketing materials, and you will also be listed on the government’s Cyber Essentials web site.
If you want to bid for government contracts, you will need a Cyber Essentials accreditation.
IT security breaches are extremely painful and can be very costly in terms of finance and reputation. While the Cyber Essentials certification does not guarantee protection, it is a great tool to make sure you have assessed the risks and taken appropriate measures.
It is best practice for businesses to perform an annual IT security health check. By submitting to the Cyber Essentials certification process, you can make sure this gets done and benefit from the certification at the end of it.
Cyber Essentials is a self-assessment process. So, while you can take a do-it-yourself approach, many organisations need professional guidance to carry out a gap analysis to identify the areas of non-conformance. Most importantly, they need help to take the most appropriate remedial action to protect themselves without adding excessive friction to their business.
Riverbank will take you right through the process. A typical Cyber Essentials project runs like this:
After that, we can continue to work with you to monitor and manage your IT security and we will help you manage your annual renewal.