Since the launch of the Cyber Essentials scheme in 2014, IT Governance – an accredited Cyber Essentials certification body – has certified 244 companies, ranging from SMEs to large international organisations. 95% of these companies haven’t had a single data breach (that they know of) since they achieved certification, demonstrating the improved cyber security protection that can be achieved by implementing the scheme’s five security controls.
Five security controls prevent around 80% of Internet-based threats
According to the government, implementing the five security controls mandated by the scheme – secure configuration, boundary firewalls and Internet gateways, access control and administrative privilege management, patch management and malware protection – could prevent around 80% of Internet-based threats. Moreover, they can drive business efficiency, save money and improve productivity through the streamlining of processes. Download this free guide to learn more.
The process of getting Cyber Essentials certified begins with the choosing a certification body
The first step is to choose a certification body; this decision affects the way your cyber security posture is going to be assessed. Basically, the certification process is based on the submission of a self-assessment questionnaire (SAQ) to the certification body, which will then check its conformance to the Cyber Essentials requirements.
- Non-CREST-accredited certification bodies issue Cyber Essentials certificates purely on the submission of the SAQ, without assessing the status of the client’s networks and applications.
- CREST-accredited certification bodies – like IT Governance – conduct a more thorough examination of your cyber security status through an external vulnerability scan of the Internet-facing networks and applications, meaning that you will benefit from an added level of independent verification.
Conduct the entire application process online with CyberComply
With IT Governance, the entire application process can be conducted online, through the CyberComply portal. Once logged in to the portal, you will be able to define the scope, complete the SAQ and book the additional external vulnerability scan.
Tailored solutions to get you certified at your own pace
Whatever resources you have in terms of money, skilled personnel and time, IT Governance has three solutions to suit your needs when applying for either level of Cyber Essentials certification:
- Do It Yourself – The most cost-effective solution, if you are comfortable carrying out the necessary preparations yourself. With this option, you can submit the SAQ and undertake the assessments once you are ready for certification.
- Get A Little help – Choose this option if you are confident about your skills but need a little guidance to reach certification. It includes tools and online help to point you in the right direction.
- Get A Lot Of Help – If you have no prior experience implementing an information security management system, IT Governance will provide you with tools and on-site help to get you started with the certification process.