Cyber Essentials is a Government backed scheme that aims to help protect organisations of all sizes from the most common types of cyber attacks.
Many organisations, especially smaller and newly established organisations, have limited controls developed or implemented to secure and protect their information systems and data. Using Cyber Essentials as the first step on a journey towards better information security is a great starting point and provides a foundation to progress towards other standards such as ISO 27001.
Contact Us
Cyber Essentials Certification consists of a self-assessment, which reviews your organisation’s current security measures. This first level of Certification shows you how to address the cyber security basics using simple security controls, protecting your organisation from the most common types of attacks.
The next level of Certification is Cyber Essentials Plus. This involves a more in-depth review and technical validation of your organisation’s security during an external audit, verifying that the Cyber Essentials controls are in place.
The first stage of the process is to undertake a self-assessment against the criteria of the Cyber Essentials standard, which will then be assessed by a Certification Body at a fixed cost based on your organisation’s size. 3B Data Security is a Certification Body appointed by IASME to conduct these assessments.
The Cyber Essentials scheme covers core information security approaches, policies and controls that even the smallest organisations can implement quickly, easily and affordably.
There are five core control areas which are covered in the assessment: Boundary firewalls and internet gateway, secure configuration, access control, malware protection, and patch management.
A successful self-assessment can lead to Cyber Essentials Certification.
To achieve Cyber Essentials Plus Certification, 3B Data Security will then carry out an external assessment of the controls implemented in the initial Cyber Essentials assessment. This assessment will be performed through an audit and penetration test to verify that the controls are operating as described.
A successful audit would lead to the Cyber Essentials Plus Certification. The Cyber Essentials Plus Certification is to be completed within 90 days of passing the initial Cyber Essentials assessment. Both certifications are valid for one year, after which both levels would be reassessed to maintain certification.
Get in touch today to find out more about Cyber Essentials Certification, and how the team at 3B Data Security can help your organisation.
At 3B Data Security, we have a team of expert Cyber Essentials Assessors, who with their set of skills and experience, can work to get you certified in no time.
3B Data Security’s assessors are all experienced and qualified auditors who have specialisms in the Cyber Essentials standard and other schemes such as IASME Cyber Assured, ISO 27001, PCI DSS, GDPR. They are also accredited IASME Cyber Advisors.
Our security testing team are all qualified penetration testers who are experts in ensuring your systems and networks are as secure as possible. They’ll work to ensure you are secure, not just compliant.