Blog

category filters go here

Improve your cyber security with Cyber Essentials

What is Cyber Essentials?

Cyber Essentials is a UK Government backed certification scheme.  It aims to help organisations of all sizes address the most common IT vulnerabilities exploited by criminals in cyber attacks.  Interestingly, many cyber attacks start in the supply chain.  For this reason, the government are aiming for organisations of all sizes in the UK to get this certification in place to improve cyber security throughout supply chains.  Indeed, certification is now mandatory for public sector organisations.  Similarly,  the government now require all of their suppliers, who handle sensitive data, to have a Cyber Essentials certificate.  Furthermore, they are encouraging big companies to follow suit and make this a requirement for their suppliers– BT, Astra Zeneca, Barclays and Vodafone are already on board!

Cyber Essentials aims to address the most basic vulnerabilities exploited in cyber-attacks (such as passwords and admin access policies).   Consequently, if properly implemented it should prevent 80% of cyber attacks. Also. certification is also a good first step towards the requirements of the EU General Data Protection Regulation (GDPR).  Cyber Essentials certification brings lots of positives to your organisation, it will help you:

  • Demonstrate to your customers that you have taken action to protect your IT systems
  • Keep your competitive edge by showing new business that you have cyber security measures in place
  • Give you a clear overview of your business’s cyber security level
  • Allow you to tender for contracts with require Cyber Essentials certification to be in place

What does Cyber Essentials cover?

The scheme focuses on five key controls :

  • Boundary firewalls and internet gateways
  • Secure configuration
  • Access control
  • Malware protection
  • Patch management

The Cyber Essentials standard has two different levels of certification: Cyber Essentials and Cyber Essentials Plus.   The basic Cyber Essentials certification requires a self-assessment questionnaire and an external vulnerability scan to be submitted to an external certifying body.  Cyber Essentials Plus certification includes all of the above plus an on-site audit.

How can we help?

Red Mosquito are ACE (Accredited Cyber Essentials) Practitioners of Cyber Essentials.  So, this means we have been externally assessed and accredited to deliver advice guidance and consultancy in Cyber Essentials.  Therefore, we can help your organisation implement the requirements of the standard by working to:

  • Complete a thorough review of your current business network and perimeter security. We will ensure you have the correct cyber security controls in place and that you are implementing and maintaining them effectively.
  •  Identify any changes required for your organisation to be compliant with the standard and work with you to make any necessary adaptations.
  • Help you define the scope of your certification and use our technical expertise to complete your customised self-assessment documentation.
  • Monitor your systems to ensure the controls remain in place making it straight forward for you to renew your certification annually.

Contact us today for a free and no obligation quotation.

RedMosquito provides IT Support and IT Security Services to SMEs in Glasgow, Edinburgh and throughout Scotland. 

 

typewriter

Is outdated technology costing your business money?

Is outdated technology costing your business money?  Unlike fine wine technology does not age well.  The rapid pace of change and short life cycle of some technology can lead many businesses to become overwhelmed with the prospect of change.    Older legacy systems may appear to still function well on the surface but unseen risks will develop below.  It may be tempting to turn a blind eye […]

What is two factor authentication?

For many years now, users have gained access to secure computing services by entering a user name and password.  This common everyday action for all of us, is called single factor authentication. While this approach has worked for a long time, it has now fallen prey to cyber criminals.  The surge in phishing attacks alongside […]

Cyber Essentials and Secure Configuration

  Cyber Essentials Certification requires 5 key cyber security controls to be in place.  This series of articles focuses on each control individually.  Today we are looking at: Secure Configuration  You can find an introduction to Cyber Essentials here. What is secure configuration?  Secure configuration is reached by choosing the most secure settings for your devices and software and managing […]