Cyber Essentials
Help Guard Yourself Against The Most Common Cyber Threats
ABOUT CYBER ESSENTIALS
Strengthen Your Businesses Cyber Security
Cyber Essentials is a Government backed scheme that will help you to protect your business against the most common cyber attacks by auditing your infrastructure using five basic security controls.
Cyber attacks come in many forms, and the vast majority are very basic in nature, carried out by unskilled individuals. Cyber Essentials certification is designed to prevent these kind of attacks by ensuring the appropriate security measures are in place in your organization.
There are two levels of Cyber Essentials certification, Cyber Essentials and Cyber Essentials Plus. Both certifications help your business to demonstrate its commitment to cyber security.
CYBER ESSENTIALS VS CYBER ESSENTIALS PLUS
Certified by completing a self-assessment questionnaire (SAQ) which is verified by an external certification body. An affordable way to become certified.
Cyber Essentials is the fastest way for you if you want a base-level security certification, that demonstrates best security practices are in place and your internet facing networks and applications have zero vulnerabilities,
Certified by conducting a technical audit of the systems defined in the scope. Includes an in-depth on-site assessment, and internal scan and an external vulnerability test.
Cyber Essentials Plus is ideal for businesses who work in highly regulated industries, or wish to tender for larger government contracts, which require you to show a more in-depth audit of the five key controls in place
WHY DO I NEED CYBER ESSENTIALS
How It Will Benefit Your Business
Prevent Cyber Attacks
Correctly using the five basic security controls will protect your business from the most common cyber attacks
Demonstrate your Security
Certification reassures customers and demonstrates your commitment to using the highest security standards
Government Contracts
Cyber Essentials allows you to tender and work with the UK Government, Cyber Essentials Plus allows you to work with the MoD
Win New Business
Being Cyber Essentials certified will boost your reputation and give you an advantage over your competitors for new business
Reduce Insurance Premiums
Cyber Insurers will offer reduced premium’s to those businesses that have an active Cyber Essentials certification
A Clear Picture
Cyber Essentials will give you and your customers a clear picture of your organisation’s commitment to a high cyber security level
KEY CONTROLS
Cyber Essentials Five Key Controls
The UK government’s Cyber Essentials Scheme provides a set of five controls that organisations can implement to achieve a baseline of cyber security, against which they can achieve certification in order to prove their compliance.
Firewalls stop unauthorised access to and from private networks but must be set up correctly to be effective.
Boundary firewalls and Internet gateways allow you to control who can access your system and where your users can go.
Antivirus software defends against viruses and malware, while firewalls protect against external threats.
The security provided by the firewall can be adjusted like any other control function (in other words, the firewall ‘rules’).
Web server and application server configurations play a crucial role in cyber security. Failure to manage the proper configuration of your servers can lead to a wide variety of security problems.
Configure computers and network devices to reduce vulnerabilities and only provide necessary services.
This will help prevent unauthorised actions from being carried out. It will also ensure that each device discloses only the minimum information about itself to the Internet.
A scan can reveal opportunities for exploitation through insecure configuration.
It is important to keep access to your data and services to a minimum. This should prevent a criminal hacker from being presented with open access to your information.
Criminals want to get administrator rights so they can break into applications and access confidential information.
Convenience sometimes results in many users having administrator rights, which can create opportunities for exploitation.
User accounts, particularly those with special access privileges, should be assigned only to authorised individuals. They must be managed effectively, and provide the minimum level of access to applications, computers and networks.
It is vital that you protect your business from malicious software, which will seek to access files on your system.
The software can cause chaos by stealing private data, corrupting files, and blocking access until you pay a fee.
Protecting against a broad range of malware will protect your computer, your privacy and your important documents from attack.
All devices and software are prone to technical vulnerabilities. Cyber criminals can rapidly exploit vulnerabilities once they’ve been discovered and shared publicly.
Criminal hackers exploit known vulnerabilities in operating systems and third-party applications if they are not properly patched or updated.
Updating software and operating systems will help to fix these known weaknesses.
It is crucial to do this as quickly as possible to close any opportunities that could be used to gain access.
Good Cyber Security Is Good Business
GET CERTIFIED
Achieve Your Cyber Essentials Certification
Cyber Essentials has been designed in consultation with SME’s to be relatively light touch and achievable at low cost. Achievement of Cyber Essentials with Fulgent is via a three-stage process which provides support throughout.
STEP 1
Initial Gap AnalysisAt the end of the audit we’ll produce a fully costed Action Plan for achievement of the standard.
STEP 2
ImplementationWe feel it’s better than you are aware of this at this stage, rather than paying for a certification programme up front that you can’t achieve without additional investment.