Cyber Essentials is a UK government sponsored initiative, launched in 2014 for small to medium sized business to help protect them from modern day threats in an internet enabled age. Cyber Essentials is a practical set of security controls that all businesses should be employing as a base set of best-practice protections for their systems and information. Widely adopted in the UK, Cyber Essentials is a requirement for all suppliers of UK central government contracts, as well as being enthusiastically taken up by private enterprise as a means of demonstrating compliance with NCSC good practices for information security. There are two levels of certification that organisations can achieve and the scope for certification may include all or any part of the organisation as required.The five high level key control areas are:
- CYBER ESSENTIALS: Organisations self-assess their systems, and this assessment is independently verified.
- CYBER ESSENTIALS PLUS: Systems are independently tested, and Cyber Essentials is integrated into the organisation’s information risk management.
- Boundary firewalls and internet gateways
- Secure configuration
- Access control
- Malware protection
- Patch management
These are further broken down into more granular controls. The controls can also be mapped to other security management systems such as ISO/IEC 27001, although Cyber Essentials has a much narrower focus, emphasising technical controls rather than governance, risk and policy.
Lets start with what we are not. We won’t:
- We won’t guarantee you a certificate in 24 hours!
- We won’t sell you software that promises the world!
- We won’t perform a box ticking exercise and call that consultancy!
- We won’t sell you a false sense of security!
The A-GRC approach, whether it’s Cyber Essentials or Cyber Essentials Plus is teamwork.
- Provide only the level of consultancy you require, ensuring cost efficiency.
- Tailored to your organisation and needs, big or small.
- Ensure senior management buy-in, vital to the project success.
- A clearly defined scope with deliverables mapped out from the outset.
- People engagement, providing the knowledge transfer to your people to continue the work we start.
- Ongoing advice is always only a phone call away and free for past customers.
The A-GRC approach to collaborative working builds confidence at an operational and stakeholder level that inspires good practice and continuous improvement.
- Allowing you to make contractual bids, where if you were not certified, you may be precluded.
- Assuring management and customers of information security levels in place.
- Increase customer confidence in your products and services
- Demonstrating conformance to Cyber Essentials Plus and verified by a third-party Conformance Assessment Body.
- Allowing senior management to make better informed decisions on operational risk.
- A-GRC are justifiably proud of our 100% SUCCESS RATE, of achieving first time certification through an Accredited Conformance Assessment Body for our Clients
- A-GRC is committed to providing a consistently high value service to our Clients;
- David Lilburn Watson, who remains personally ‘hands-on’ throughout the process, manages this process.
- to understand how the A-GRC suite of offerings can be used to transform your business, please contact us here
- we look forward to discussing your specific requirements, at your convenience;
- you can also phone or email on the below contact information and one of our senior consultants will get back to you ASAP.