The Cyber Essentials Scheme is a cyber security standard launched in 2014 by the UK Government and endorsed by industry.
The UK Government’s Cyber Essentials scheme is designed to make the UK a safer place to conduct business online.
Cyber Essentials is relevant to all organisations, of any size, across every sector. A Cyber Essentials certificate demonstrates that your organisation is taking cyber security seriously.
The Cyber Essentials Plus scheme is a mandatory requirement for Central Government Contracts and the Crown Commercial Services (CCS) Framework.
Zuri Technologies are an IASME approved Cyber Essentials Body, offering technical services, consultancy and support to help your business to implement and certify to Cyber Essentials and Cyber Essentials Plus.
There are two levels of certification, Cyber Essentials and Cyber Essentials Plus.
A verified self-assessment, comprising of a customer questionnaire and a vulnerability assessment of external Internet connections. This questionnaire is then verified by Zuri Technologies to assess whether an appropriate standard has been achieved, and certification can be awarded.
Cyber Essentials Plus
Our team of experts conduct a combination of on-site and remote checks to assess whether relevant technical controls are in place. The assessment is based on an internal security assessment of end-user devices. This also includes the recreation of various attack scenarios which help determine basic cyber security capabilities.
Key areas of assessment
Of all devices capable of connecting to the internet, ensuring all settings are customised to the highest security standards. This includes the removal of pre-installed unused software, default passwords and disabling 'auto-run'.
Regulating the practice of ensuring all devices are upto-date with the latest software patches and operating systems.
Boundary firewalls and internet gateways
We conduct a thorough assessment of configurations. installations, and management policies including change control processes.
How effective is the anti-virus software installed on a device? Is the software regularly updated? Are the contents of emails scanned for malicious attachments?
Supports business case definition and EU GDPR remediation planning.
User access controls
Ensuring users can only access business information and systems appropriate to their general duties. We assess a variety of practices including the documentation surrounding user account creation, password strength, change frequency and perform a review of privileged accounts.
A ‘D.I.Y’ completion of the self- assessment questionnaire with telephone assistance if required.
Designed to enable you to pass 'first time', as our certified security consultants will be onsite to assist and perform a pre-infrastructure assessment providing recommendations (if required) to achieve the Cyber Essentials accreditation. This also includes a grace period to re-mediate potential issues and a free 're-test' once remediation works have been completed.
These controls provide a sound level of protection that you need to implement in your organisation to protect it from the vast majority of cyber attacks.
Enhance your business’s reputation
Increasing confidence amongst stakeholders thus opening up new commercial opportunities.
Drives business efficiency
Allowing you to focus instead on your core business objectives, saving money and improving productivity.
General Data Protection Regulation (GDPR)
Cyber Essentials implementation complements the cyber security aspects associated with GDPR.
Free Cyber Liability Insurance Cover
Upon successful completion of the assessment (terms and conditions apply).
In terms of time and cost for many SME’s to achieve a reputable cyber security accreditation.