A government led initiative to protect your business.
Cyber attacks cost organisations thousands of pounds and cause lengthy periods of disruption. Do you have a plan for what you would do if your customer database was stolen, your website was forced offline, or you couldn’t access your email or business-critical data? Cyber criminals don’t just attack banks and large companies – they target any organisation which isn’t properly protected, even small businesses. The majority of cyber attacks exploit basic weaknesses in your IT systems and software. Cyber Essentials shows you how to address those basics and prevent the most common attacks. The scheme is designed by Government to make it easy for you to protect yourself.
The five controls of Cyber Essentials
Information, applications and computers within your organisation’s internal networks should be protected against unauthorised access and disclosure from the internet and attacks based on capabilities and techniques that are freely available on the internet using boundary firewalls, internet gateways or equivalent network devices.
Default installations of computers and network devices can provide cyber attackers with a variety of opportunities to gain unauthorised access to your sensitive information. They should be configured to reduce the level of inherent vulnerabilities and provide only the services required to fulfil their role.
User Access Control
User accounts with special access privileges typically e.g. administrators have the greatest level of access to data, applications and computers. When these accounts are compromised their level of access can be exploited on a large scale so they should be assigned only to authorised individuals and managed effectively.
Devices are vulnerable to attack by malicious software, particularly those that are exposed to the internet (e.g. desktop PCs, laptops and mobile devices). All your devices should use reputable, dedicated end-point protection software that will monitor for, detect, and disable viruses and malware with no exceptions
Any computer and network device that runs software can is vunerable to weaknesses or flaws. Vulnerabilities are common in many types of popular software and are discovered daily by hackers and they can quickly be exploited. Software running on computers and network devices should be kept rigorously up-to-date.
Cyber Essentials FAQ
Why should I get Cyber Essential accredited?
33% of small businesses and 65% of large businesses reported a cyber breach or attack in the past 12 months. Overall, 1 in 4 of all businesses experienced a cyber attack or breach in the past year, causing thousands of pounds worth of costs and disruption to everyday operations. Most cyber attacks are relatively basic and it’s easy to use Cyber Essentials to get good basic protections in place to prevent them. Cyber Essentials is designed by Government to protect your organisation from the most common Internet threats. Don’t delay: start protecting your business now.
How long does it take?
This depends on the size of your business, the complexity of your IT system and the extent to which you already have the technical controls in place. It might take anywhere from a few days or a few weeks for a small business, to several months for a large organisation.
Will it protect us against all cyber threats?
Cyber Essentials will protect you against the most common online threats. The scheme offers a basic level of protection and is a good place to start in protecting your company against cyber threats. Cyber Wise is the natural progression from Cyber Essentials to ensure you have complete protection throughout your business.
Does Cyber Essentials cover staff training?
No, it is a technical scheme. However, Cyber Wise covers staff training along with other additional elements required to ensure you are doing everything possible to protect your business.
What do we do next?
To learn more about we can help you apply for and obtain Cyber Essentials and how Cyber Wise enhances the Cyber Essentials certification and helps to protect you and your team from the most common and latest emerging cyber attacks call a member of the team on 0161 476 8276, alternatively you can email firstname.lastname@example.org and we will get back to you within 24 hours.