Cyber Essentials Plus for healthcare
The Cyber Essentials scheme is a world-leading, cost-effective assurance mechanism for organisations to help demonstrate that the most basic cyber security measures are in place. Certification can be achieved at two levels, Cyber Essentials and Cyber Essentials Plus.
Recent reviews have recommended Cyber Essentials Plus as the minimum standard for healthcare providers and partners to demonstrate that they have implemented the most basic cyber security controls. For more information about the Cyber Essentials scheme and how it can help you guard against the most common cyber threats, download the free guide.
The five security controls
In addition to a self-assessment of the five security controls and an external vulnerability scan, Cyber Essentials Plus includes an internal network vulnerability scan and an on-site assessment to thoroughly check whether the solutions you have put in place comply with the control requirements.
The National Cyber Security Centre (NCSC), National Data Guardian Review and Smart review highlight the need for all organisations to achieve Cyber Essentials Plus certification by 2021.
“Recommendation 1: All NHS organisations are to develop local action plans to achieve compliance with the Cyber Essentials Plus standard by June 2021, as recommended by the NCSC.”
- William Smart, Chief Information Officer for Health and Social Care, Lessons learned review of the WannaCry Ransomware Cyber Attack
Cyber Essentials Plus and compliance standards
The Data Security and Protection (DSP) Toolkit has now replaced the Information Governance (IG) Toolkit as the compliance standard for all organisations looking to connect to NHS networks.
Cyber Essentials Plus certification satisfies multiple conditions of the DSP Toolkit. Achieving certification will prepopulate many of the compliance statements within the online portal, reducing the time and cost needed to demonstrate compliance.
Click here for more information on the DSP Toolkit >>
Cyber Essentials is as crucial to healthcare industry partners as it is to healthcare providers. Cyber criminals will exploit any vulnerability in the supply chain to gain access to information networks, resulting in unmitigated access to patient records and valuable healthcare data.
Cyber Essentials Plus can minimise the risk of a data breach and demonstrate that your organisation prioritises cyber security, helping you to secure NHS contracts.
NHS industry partners will be required to comply with the DSP Toolkit from April 2018. Cyber Essentials Plus can help speed up the connectivity and supply process by fulfilling and prepopulating compliance statements within the DSP Toolkit portal.
More information on the DSP Toolkit for healthcare industry partners is available from our healthcare experts >>
Benefits of Cyber Essentials Plus
Protect your organisation from approximately 80% of cyber attacks
Courses are delivered at our public training centres, Live Online, e-learning, distance learning or as convenient in-house training sessions.
Drive business efficiency
Focus on your core business objectives knowing that you are protected from the majority of cyber attacks.
Demonstrate security and help secure the supply chain
Demonstrate your commitment to protecting your own data and that of your customers and suppliers.
Increased chance of securing business
Boost your reputation and have a greater chance of winning contracts.
Why choose IT Governance for Cyber Essentials certification?
IT Governance is the leading CREST-accredited certification body and has awarded hundreds of certifications, with many more companies achieving certification every day. Our Cyber Essentials clients include NHS Professional, Health Management Ltd and the Professional Standards Authority for Health and Social Care.
See the full list of organisations we’ve certified to the Cyber Essentials scheme >>
Speak to an expert
For more information and tailored guidance for your organisation, speak to one of our healthcare experts.