The Cyber Essentials Scheme
Cyber Essentials certification demonstrates that your organisation is protecting itself by implementing the most important cyber security controls.
SPIRiT Cyber Essentials
Whether your company is small or large; whether your IT team has the skills or there is a knowledge gap when it comes to cyber security, putting a framework in place like a government recommended set of controls can help mitigate the risk your organisation faces.
Cyber Essentials certification demonstrates that your organisation is protecting itself by implementing the most important cyber security controls. A team of experts review the scheme at regular intervals to ensure it stays effective in the ever-evolving threat landscape.
What is the Cyber Essentials Scheme?
Cyber Essentials is a government-backed certification scheme that helps keep your organisation’s and your customers’ data safe from cyber attacks.
The NCSC (National Cyber Security Centre) recommends Cyber Essentials as the minimum standard of cyber security for all organisations. The scheme that sets out a good baseline of cyber security suitable for all organisations in all sectors and addresses the following five key controls that, when implemented correctly, can prevent around 80% of cyber attacks.
Cyber Essentials helps organisations stay safe by ensuring 5 technical controls are in place.
Secure configuration
Set up computers securely to minimise ways that a cyber-criminal can find a way in
User access control
Control who can access your data and services and what level of access they have
Malware protection
Identify and immobilise viruses or other malicious software before it has a chance to cause harm
Security update management
Prevent cyber criminals using vulnerabilities they find in software as an access point to your systems
Firewalls
Create a security filter between the internet and your network
Levels of certification
Cyber Essentials
A self-assessment that demonstrates you have key controls in place to help protect against a wide variety of common cyber attacks. It includes a self-assessment questionnaire which can be purchased alongside guidance from Spirit UK. Once the questionnaire is submitted on the online platform it will be marked by one of our assessors and if successful the certificate will be awarded.
Cyber Essentials Plus
A more advanced level of the scheme that includes all steps of Cyber Essentials as well as an on-site assessment of the five technical control and an internal/external vulnerability scan across a sample of workstations and devices. Organisations must hold basic Cyber Essentials to progress to Plus and must be submitted within three months of the basic certificate award.
