CyberEssentials is a government-backed cyber security certification scheme that sets out a good baseline of cyber security suitable for all organisations in all sectors. The scheme addresses five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.

The CyberEssentials scheme is increasingly popular within the private sector; more than 1,200 organisations have adopted the scheme to date.

Insurance firms have recognised that CyberEssentials certification is a valuable indicator of a mature approach to cyber security and, according to a government report, CyberEssentials certification can also contribute to the reduction of risk.

CyberEssentials:

  • Delivers the basic controls that all organisations should implement to mitigate the risk from common Internet-based threats;
  • Provides a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken essential precautions to secure against the majority of cyber risks;
  • Enables companies to successfully tender for government contracts. View the UK Government’s procurement policy notice here.

Implementing the following CyberEssentials controls will help your business stay secure by:

  • Ensuring your computers and network devices are configured properly, to identify systems or databases that you no longer need or use and reduce the level of inherent security vulnerabilities;
  • Using boundary firewalls to monitor traffic to your office network; enabling you to block attackers and external threats;
  • Managing access control and administrative privileges, eroding the opportunity for staff to install time-wasting software on to their computers, as well as removing the insider threat;
  • Keeping on top of software patching and licensing, making your company more secure;
  • Implementing appropriate malware protection, reducing downtime and reducing the likelihood of virus infection and data theft.

It is important to note that CyberEssentials is not the same as GDPR.

If you would like honest, no-nonsense advice on your companies security including assistance in obtaining CyberEssentials certification, please don’t hesitate to get in touch.