Blog

category filters go here

Improve your cyber security with Cyber Essentials

What is Cyber Essentials?

Cyber Essentials is a UK Government backed certification scheme.  It aims to help organisations of all sizes address the most common IT vulnerabilities exploited by criminals in cyber attacks.  Interestingly, many cyber attacks start in the supply chain.  For this reason, the government are aiming for organisations of all sizes in the UK to get this certification in place to improve cyber security throughout supply chains.  Indeed, certification is now mandatory for public sector organisations.  Similarly,  the government now require all of their suppliers, who handle sensitive data, to have a Cyber Essentials certificate.  Furthermore, they are encouraging big companies to follow suit and make this a requirement for their suppliers– BT, Astra Zeneca, Barclays and Vodafone are already on board!

Cyber Essentials aims to address the most basic vulnerabilities exploited in cyber-attacks (such as passwords and admin access policies).   Consequently, if properly implemented it should prevent 80% of cyber attacks. Also. certification is also a good first step towards the requirements of the EU General Data Protection Regulation (GDPR).  Cyber Essentials certification brings lots of positives to your organisation, it will help you:

  • Demonstrate to your customers that you have taken action to protect your IT systems
  • Keep your competitive edge by showing new business that you have cyber security measures in place
  • Give you a clear overview of your business’s cyber security level
  • Allow you to tender for contracts with require Cyber Essentials certification to be in place

What does Cyber Essentials cover?

The scheme focuses on five key controls :

  • Boundary firewalls and internet gateways
  • Secure configuration
  • Access control
  • Malware protection
  • Patch management

The Cyber Essentials standard has two different levels of certification: Cyber Essentials and Cyber Essentials Plus.   The basic Cyber Essentials certification requires a self-assessment questionnaire and an external vulnerability scan to be submitted to an external certifying body.  Cyber Essentials Plus certification includes all of the above plus an on-site audit.

How can we help?

Red Mosquito are ACE (Accredited Cyber Essentials) Practitioners of Cyber Essentials.  So, this means we have been externally assessed and accredited to deliver advice guidance and consultancy in Cyber Essentials.  Therefore, we can help your organisation implement the requirements of the standard by working to:

  • Complete a thorough review of your current business network and perimeter security. We will ensure you have the correct cyber security controls in place and that you are implementing and maintaining them effectively.
  •  Identify any changes required for your organisation to be compliant with the standard and work with you to make any necessary adaptations.
  • Help you define the scope of your certification and use our technical expertise to complete your customised self-assessment documentation.
  • Monitor your systems to ensure the controls remain in place making it straight forward for you to renew your certification annually.

Contact us today for a free and no obligation quotation.

RedMosquito provides IT Support and IT Security Services to SMEs in Glasgow, Edinburgh and throughout Scotland. 

 

Brexit IT Funding

Grant funding for Brexit related IT costs

From 29 July 2020 businesses can apply for IT grant funding to cover IT expenditure needed to meet the requirements of Brexit. Staged border controls will begin in January 2021, at the end of the transition period. The Government is making funding of £50 million available to help businesses prepare for the additional customs declarations which will come in to play at that […]

penetration testing

What is Penetration Testing?

Penetration testing can be a useful tool for businesses to utilise as part of a cyber security audit.  Regular penetration testing will help your business identify any weaknesses, in your IT systems or applications, before they are exploited.   They can be a valuable tool in your multi-layered cyber security defence – if they are planned and executed properly! RedMosquito manages penetration testing for many of our IT […]

21 Jul 2020
Phishing Malware Email

Covid 19 Scams and Hacks on the Rise.

Recent reports say that the quantity of Covid 19 scams and hacks directed at homeworkers during the Coronavirus lockdown has grown considerably. The variation and sophistication of the attacks is also on the rise reported Darktrace in a recent article in The Guardian newspaper. Exploitation of homeworkers during the Covid 19 shutdown has increasingly become […]

23 Jun 2020