In April 2023, the NCSC and its Cyber Essentials delivery partner IASME will update the technical requirements for Cyber Essentials. The updates will help ensure the scheme continues to support UK organisations to protect themselves against cyber threats.
The Cyber Essentials scheme is an information security standard that offers an affordable and effective level of assurance for businesses of all sizes and comes in two ‘flavours’ – the base Cyber Essentials and the more demanding Cyber Essentials Plus. The programme sets out five key technical controls to help businesses with cyber protection, which will help protect you against the most common cyber threats. In fact, the cyber security certification aims to reduce an organisation’s risk of attack from internet-borne threats by around 80%.
You can find more about Cyber Essentials requirements here.
After a major update last year – the most significant update to the scheme since it was first set up in 2014 – the 2023 update will be lighter touch, providing several clarifications alongside some important new guidance. The following details are from the National Cyber Security Centre, Cyber Essentials technical requirements updated for April 2023.
This latest update will take effect from the 24th of April, 2023. This means that all applications started on or after this date will use the new requirements and question list.
At Netitude, we strongly recommend that businesses consider acquiring a Cyber Essentials certificate. In fact, we ensure all our clients achieve Cyber Essentials as standard, and our experienced Technical Alignment Managers audit our clients every quarter to ensure they stay compliant. In addition, if you’d like to know what your business needs to do to achieve Cyber Essentials and Cyber Essentials PLUS, we can perform a gap analysis audit and provide a report with any remedial work you need.
Cyber threats are just like any business risk; they have to be assessed, and actions must be taken to remove, mitigate or accept the risk.
Implementing the five key controls under Cyber Essentials certification will significantly reduce some of the risks.
While our Managed IT service offers a comprehensive security package as standard, including Security Awareness training, we also have a choice of Managed Cyber Security packages to add additional layers to your business security.
In today’s ever-changing threat landscape, it’s no longer a matter of if but when you’ll suffer a cyber incident. Preventative solutions are great, but companies must also be equipt to proactively detect and respond to attacks before they cause serious damage. This is where services like 24/7/365 SOC monitoring and SIEM come in handy.
At Netitude, we favour the Cyber Essentials PLUS audit and certification for ourselves because we’re in an industry that requires a high level of security. Therefore, we need to show our clients that we invest in security and take it seriously. For us, Cyber Essentials PLUS is just the starting point, and we have processes and technology above and beyond this. Check out how we pass Cyber Essentials PLUS everytime.