New look Cyber Essentials scheme supports organisations to stay ahead of the cyber threat
Overhaul of the technical control requirements reflect the changes in the way organisations are now working.
- Update represents biggest change to the Cyber Essentials scheme since it was launched in 2014
- Scheme revised in response to evolving cyber security challenges and increased threat of ransomware that UK businesses now face
- Speed of digital transformation, increased adoption of cloud services and home working key factors in updating the scheme
ORGANISATIONS in the UK are today (Monday) set to benefit from a refreshed government-backed scheme which supports them to protect against the majority of cyber attacks, including ransomware.
Cyber Essentials, which is developed by the National Cyber Security Centre – a part of GCHQ – and delivered by IASME, is a certification scheme that supports organisations of all sizes to guard against online threats and demonstrate a commitment to cyber security to customers and stakeholders.
It has been updated following a major technical review which will help organisations maintain their minimum cyber hygiene in an evolving threat landscape. Amongst the main changes are revisions to the use of cloud services, home working, multi-factor authentication, password management, and security updates.
Through the Cyber Essentials scheme, businesses can learn how to defend themselves by securing internet connections and devices, controlling access to data, and understanding how to protect against ransomware.
The benefits of achieving certification include being able to reassure customers that the data held by an organisation is resilient to an attack, the ability to attract new business with the promise that cyber security measures are in place, and having a clear picture of your cyber security level.
Chris Ensor, NCSC Deputy Director for Cyber Skills and Growth, said:
“The landscape in which organisations are operating in cyber space is constantly changing, and this major refresh of the technical controls reflects the cyber security challenges of today.
“We've strengthened the Cyber Essentials scheme so that it continues to meet evolving threats and the increased risk of ransomware, and I would encourage UK businesses of any size to take part in order to protect themselves from the most common attacks.”
Many of these changes have been developed by the NCSC based on the feedback of assessors and previous applicants to the scheme, as well as consultation with the Cloud Industry Forum.
From today, the refreshed Cyber Essentials scheme will also incorporate a renewed pricing structure which better reflects the increasingly complex nature of assessments for some organisations.
Achieving Cyber Essentials certification allows businesses to
- reassure customers that they have put measures in place to secure their IT against cyber attacks;
- attract new business with the promise they have independently verified cyber security measures in place;
- have a clear picture of their cyber security level, and;
- apply for some government contracts which require Cyber Essentials certification.
More information for businesses on how to achieve Cyber Essentials certification can be found on the IASME website.
The NCSC's Head of Commercial Assurance Services, Anne W, has written a blog post outlining the latest changes to Cyber Essentials.
Latest News from
MOD DE&S: Marine Systems Transformation Programme (MaST)27/05/2022 16:20:00
DE&S Ships Support will be publishing Pre Qualification Questionnaires for 3 new Multi-Supplier Frameworks (1.Spares & Consumables, 2.Maintenance, Repair & Overhaul, and 3.Technical Services) in support of the Marine Systems Transformation Programme (MaST)
Digital currencies, unlocking innovation in payments27/05/2022 09:05:00
Digital currencies are emerging across the globe, with industry-led initiatives and new projects being explored by governments. Internationally, regulators and policymakers are exploring the use cases for digital currencies, as well as the best regulatory frameworks.
RegTech on the rise to tackle fraud26/05/2022 16:15:00
RegTech, a game changer in the fight against fraud
Delivering DSIS: One year on26/05/2022 15:15:00
Minister for Defence Procurement Jeremy Quin has delivered a written statement to Parliament outlining the progress made in the first year since the publication of the Defence and Security Industrial Strategy
Regular sessions with NHS Transformation’s Adult Social Care team announced26/05/2022 09:20:00
techUK and the NHS Transformation Directorate’s Adult Social Care team have recently announced greater collaboration that will see the organisations hold bi-monthly ‘check-ins’ for techUK members.
Local Public Services Innovation: Creating a catalyst for change23/05/2022 16:25:00
techUK, in collaboration with its Local Public Services Committee, has published a new report making the case for enhanced digital innovation adoption across the UK’s local public services to improve citizens’ lives.
How the global payments landscape is rapidly evolving20/05/2022 15:20:00
The COVID-19 pandemic accelerated the digitalisation of payments, with consumers shifting from physical cash to digital and contactless payment instruments at a rate unprecedented. This development combined with the continued need to support cash and the surge of digital currencies initiatives has raised questions about the need of a renewed regulatory framework in Europe, and the United Kingdom.
Private networks: a new user guide by techUK19/05/2022 16:25:00
As technology innovation continues to allow the UK to grow its economy, technology trade association techUK recently (17 May 2022) released a new guide outlining the benefits of private networks adoption, ‘Private networks: a user guide by techUK’.