New look Cyber Essentials scheme supports organisations to stay ahead of the cyber threat
Overhaul of the technical control requirements reflect the changes in the way organisations are now working.
- Update represents biggest change to the Cyber Essentials scheme since it was launched in 2014
- Scheme revised in response to evolving cyber security challenges and increased threat of ransomware that UK businesses now face
- Speed of digital transformation, increased adoption of cloud services and home working key factors in updating the scheme
ORGANISATIONS in the UK are today (Monday) set to benefit from a refreshed government-backed scheme which supports them to protect against the majority of cyber attacks, including ransomware.
Cyber Essentials, which is developed by the National Cyber Security Centre – a part of GCHQ – and delivered by IASME, is a certification scheme that supports organisations of all sizes to guard against online threats and demonstrate a commitment to cyber security to customers and stakeholders.
It has been updated following a major technical review which will help organisations maintain their minimum cyber hygiene in an evolving threat landscape. Amongst the main changes are revisions to the use of cloud services, home working, multi-factor authentication, password management, and security updates.
Through the Cyber Essentials scheme, businesses can learn how to defend themselves by securing internet connections and devices, controlling access to data, and understanding how to protect against ransomware.
The benefits of achieving certification include being able to reassure customers that the data held by an organisation is resilient to an attack, the ability to attract new business with the promise that cyber security measures are in place, and having a clear picture of your cyber security level.
Chris Ensor, NCSC Deputy Director for Cyber Skills and Growth, said:
“The landscape in which organisations are operating in cyber space is constantly changing, and this major refresh of the technical controls reflects the cyber security challenges of today.
“We've strengthened the Cyber Essentials scheme so that it continues to meet evolving threats and the increased risk of ransomware, and I would encourage UK businesses of any size to take part in order to protect themselves from the most common attacks.”
Many of these changes have been developed by the NCSC based on the feedback of assessors and previous applicants to the scheme, as well as consultation with the Cloud Industry Forum.
From today, the refreshed Cyber Essentials scheme will also incorporate a renewed pricing structure which better reflects the increasingly complex nature of assessments for some organisations.
Achieving Cyber Essentials certification allows businesses to
- reassure customers that they have put measures in place to secure their IT against cyber attacks;
- attract new business with the promise they have independently verified cyber security measures in place;
- have a clear picture of their cyber security level, and;
- apply for some government contracts which require Cyber Essentials certification.
More information for businesses on how to achieve Cyber Essentials certification can be found on the IASME website.
The NCSC's Head of Commercial Assurance Services, Anne W, has written a blog post outlining the latest changes to Cyber Essentials.
Latest News from
A Bird’s Eye View of the Procurement Bill01/02/2023 09:25:00
The opportunities, impact, and the next steps for the Procurement Bill.
New OEP Report: “Environment in England remains under serious threat”31/01/2023 13:05:00
Report sets out recommendations to get England back on track with its environmental targets
Be part of the techUK Local Digital Capital Index Working Group!30/01/2023 10:15:00
We are inviting techUK members to apply for a position to sit on the Local Digital Capital Index Working Group and get involved in the creation of the third edition of the Index which we will publish later in this year.
Digital skills scheme for veterans backed by 6 techUK members30/01/2023 09:15:00
Tech sector firms including Capita, Northrop Grumman, Atos, Leonardo UK, Fujitsu and Leidos are supporting the 15,000 Futures initiative created by WithYouWithMe to support veterans into tech sector jobs
Quantum Computing in Energy & Utilities Day27/01/2023 09:20:00
This campaign day will be focusing on the opportunities for quantum computing applications in the energy and utilities sector. We will uncover its potential, viability, and challenges.
Voting Open: techUK Digital Twin Steering Group Chair and Vice Chair25/01/2023 16:05:00
Voting is now open for the techUK Digital Twin Steering Group Chair and Vice Chair positions. The elections will be open until 14 February 2022.
A UK Plan for Chips25/01/2023 15:05:00
The UK needs a plan for 'chips' if we are to fulfil the aim to become a science and tech superpower
Financial Services Policy Explainer | Payment Services Regulations (PSR) Review and Call for Evidence23/01/2023 11:20:00
Helping to map the UK’s Joint Regulatory Oversight Committee’s (JROC) upcoming strategic work, HM Treasury’s latest Review, and Call for Evidence of the UK’s payments regulatory environment will shape the following stages of determining digital technology suppliers’ contributions to building the payments infrastructure of UK Open Banking