Cyber Essentials is a world-leading, cost-effective assurance mechanism for companies of all sizes. The scheme provides five security controls (secure configuration, firewalls, access controls, patch management, malware protection) that, according to the UK government, could prevent most common cyber attacks.
Recent reviews have recommended Cyber Essentials Plus as the minimum standard for healthcare providers and partners to demonstrate that they have implemented the most basic cyber security controls. In addition to a self-assessment of the five security controls and an external vulnerability scan, Cyber Essentials Plus includes an internal network vulnerability scan and an on-site assessment to thoroughly check whether the solutions you have in place comply with the control requirements.
Cyber Essentials Plus and compliance standards
The Data Security and Protection (DSP) Toolkit will come into effect in April 2018, replacing the IG Toolkit as the compliance standard for all organisations looking to connect to NHS networks.
Cyber Essentials Plus certification satisfies multiple conditions of the DSP Toolkit. Achieving certification will prepopulate many of the compliance statements within the online portal, reducing the time and cost needed to demonstrate compliance.
To discuss the changes that the DSP Toolkit will enact, talk to one of our healthcare experts.
Benefits of Cyber Essentials Plus certification
Why are healthcare organisations urged to achieve Cyber Essentials Plus certification? Because, aside from improving your cyber security posture, being certified brings a whole set of benefits:
- Enhanced business reputation;
- Protection against the majority of cyber attacks;
- Proof for your patients, customers and suppliers that you take the security of their information seriously;
- Demonstrates security and helps secure the supply chain; and
- For industry organisations, Cyber Essential Plus can help to increase your chances of securing NHS business.
Furthermore, correctly implementing the five security controls mandated by the scheme can drive business efficiency throughout your organisation, saving money and improving productivity.
As a leading CREST-accredited Cyber Essentials certification body, IT Governance provides all the tools and resources you need to achieve certification to the Cyber Essentials scheme. We deliver all the technical tests and assessments, conducted by our experienced, CREST-accredited testers. You will also benefit from the added level of independent verification of your cyber security status provided by an external vulnerability scan.
10% discount throughout March
A significant number of changes will come into effect across 2018, increasing pressure on healthcare organisations to audit and evaluate their current information security measures. IT Governance is helping organisations achieve the basic level of security and work towards compliance with industry standards by offering a 10% discount on certain Cyber Essentials Plus packages purchased throughout March. Use voucher code CE+HEALTH10 when purchasing online to apply the discount at checkout or speak to one of our experts.
Get a Little Help
We recommend this solution for organisations that are confident they have the skills to achieve Cyber Essentials Plus certification, but are unsure of their scope and do not fully understand the five controls.
Get a Lot of Help
This service is designed for organisations with little or no knowledge of the five controls and testing conditions, as well as those that do not know their scope or the IP range that should be tested. We also recommend this solution for large organisations with complex organisational structures.