Cyber Essentials

CT Business Solutions (N Mcr) are now Cyber Essentials accredited implementers, allowing us to prepare businesses to proactively manage cyber threats and reduce risk of attack.

cyber Logo

The government is taking control of the ‘responsibility’ element of cyber-attacks and encouraging businesses to take ownership of the risks faced and implement a risk management scheme.

What is Cyber Essentials? Cyber Essentials has been developed by the government and industry to fulfil two functions. It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet-based threats with the government’s 10 steps to cyber security. Through the assurance framework, it offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions.

From 1st October 2014, all companies tendering for central government contracts that involve the use and or storage of sensitive data must comply with at least the Cyber Essentials entry level certification. Moving forward, the plan is to roll this requirement out to all central and local government contracts.

Cyber Essentials –               Entry level certification.

Cyber Essentials Plus –       Higher level of implementation and verification process of security structure; giving customers, lenders and insurers a higher level of security.

The assurance framework, leading to the awarding of Cyber Essentials and Cyber Essentials Plus certificates for organisations, has been designed in consultation with SMEs to be light-touch and achievable at low cost. The two options give organisations a choice over the level of assurance they wish to gain and the cost of doing so. It is important to recognise that certification only provides a snapshot of the cyber security practices of the organisation at the time of assessment, while maintaining a robust cyber security stance requires additional measures such as a sound risk management approach, as well as on-going updates to the Cyber Essentials control themes, such as patching. But we believe this scheme offers the right balance between providing additional assurance of an organisation’s commitment to implementing cyber security to third parties, while retaining a simple and low cost mechanism for doing so.

CT Business Solutions have enrolled with the Cyber Essentials body and are ACE Implementers for the security requirement needed to pass the government’s stringent guidelines.

Cyber Essentials defines a set of controls which, when properly implemented, will provide organisations with basic protection from the most prevalent forms of threats coming from the internet. In particular, it focuses on threats which require low levels of attacker skill, and which are widely available online.

Risk management is the fundamental starting point for organisations to take action to protect their information. However, given the nature of the threat, the government believe that action should begin with a core set of security controls which all organisations – large and small – should implement. Cyber Essentials defines what these controls are.

Take action now and protect your business from possible data-theft, fraudulent bank transactions, or the possible risk of bankruptcy. Call CT Business Solutions today to see how we can help you get the security in place to give you peace of mind.