Now that we’ve covered the basics of Cyber Essentials in our latest blog let’s dive deeper into exactly what the scheme entails. How long it is valid for. As well as how we can support your business as you work through achieving the certification. It is very important your business achieves the cyber essentials certification. 61% of certified organisations say they are more likely to choose suppliers with Cyber Essentials or Cyber Essentials Plus certification.
Cyber Essentials Scheme: Overview
The Cyber Essentials scheme is an ISAMW self-assessment questionnaire process. The questionnaire will then be signed off by a member of the board or an equivalent signory. After this, it is then verified by a certification body trained and licensed to certify against the Cyber Essentials scheme (like ourselves here at The Unite Group). It is important before applying you ensure your organisation meets all the requirements. This includes having evidence ready to be provided to prove you meet the requirements.
What is in the scope for Cyber Essentials?
The scope will be agreed upon between your organisation and The Unite Group, (as your certification body), before the assessment begins. Certification can apply to your full organisation’s enterprise IT or just a subset.
How long is Cyber Essentials Valid for?
All certificates are valid for 12 months. They must be renewed annually, much like your cars MOT. This works well to ensure your organisation is protected against the latest cyber-attacks. As those carrying out attacks are constantly looking for new ways to catch out and successfully breach data. If you do not reapply for your Cyber Essentials Certification as the 12-month period expires, you will no longer be able to apply for contracts that require you to hold a valid Cyber Essentials certification – like Government contracts.
What is in the Cyber Essentials certification scheme?
The Cyber Essentials scheme covers 5 main areas:
Access control.
Having managing access to administrator accounts means you can protect who has access to your data and services.
Software Updates
Staying current with the latest software updates and security patches protects you against the newest cyber-attacks and vulnerabilities.
Firewalls & Routers
Creating a buffer-zone’ between your IT network and other external networks. This will ensure incoming traffic is analysed to find out if you would like to allow it access to your network.
Secure Configuration
Choosing the most secure setting for your device and software. As well as changing passwords and removing unused accounts and software will reduce the risk of a potential cyber-attack.
Malware Protection
Using properly configured anti-malware software will protect against viruses and other malware risks. This also includes to only allow trusted applications to run.
How long does it take between submitting the online questionnaire to receive your certificate?
The length of time it takes from application to certification can vary. Some may be verified in one or two days. Whereas, others may take around two weeks to complete the assessment. This is dependent upon your current security setup and speed of action. Those who partake in the Cyber Essentials Plus scheme should expect a longer assessment period as it involves the internal security assessment as well as an external scan.
How can we support you through the Cyber Essentials process?
Here at The Unite Group, we can provide support to you throughout the process. We are an authorised certificate issuing body for Cyber Essentials. As a result, we can manage the entire process for you from the initial audit, remedial works, and certificate issue.
Do you want peace of mind that your defences will protect you from a large amount of the most common cyber-attacks? Contact us today and our friendly, knowledgeable team will be happy to explain in more detail the Cyber Essentials certification process or help you take the first steps to achieve your Cyber Essentials Certification!