What Is Cyber Essentials?
Cyber Essentials is a government-backed scheme, operated by the National Cyber Security Centre. The scheme highlights the baseline of good security practice and helps to teach businesses how to protect themselves from online threats.
There are two different certifications that can be earned:
- Cyber Essentials: a self-assessment of internal security systems
- Cyber Essentials Plus: requires a 3rd party vulnerability assessment of security systems
The assessment covers these 5 key areas, or ‘technical controls’:
- A secure internet connection
- Secure devices and software
- Control access to data and services
- Protection from viruses and other malware
- Keeping devices and software up to date
Businesses should put these controls in place to heighten levels of cybersecurity.
To ensure that your business is completely protected, Nexor can carry out a full security audit and perform a gap assessment. We can then provide recommendations for changes within your business, as well as a roadmap of how you can reach your goal of achieving the Cyber Essentials certification. Nexor will enable your business to achieve this within 12 months. If you wish to achieve Cyber Essentials Plus, we can arrange the 3rd party assessment through our partners at Redscan.
Cyber Essentials for Financial Advisers
The Financial Conduct Authority (FCA) has reported that financial advisers are not following the basics of cybersecurity. They are vulnerable to cyber attacks, which could be a threat to the sensitive and personal data that they hold within their companies.
It is therefore important that financial advisers comply with Cyber Essentials and demonstrate this to their clients. This not only protects personal and sensitive data but also enables businesses to build trust with their clients.
Regulatory bodies, such as the FCA, now expect companies to evidence the steps they are taking to improve their cybersecurity. It is in your best interests to protect your business against attacks, as the loss of information can be costly and time-consuming. In the event of a data breach, companies must be able to prove to the Information Commissioner’s Office (ICO) that they have good cybersecurity measures in place, such as having the Cyber Essentials certification. Failing this, you may be subject to a fine, especially if sensitive data is involved.
How Nexor Can Help
As well as achieving the Cyber Essentials certification, you should be able to detect possible threats and respond to them quickly and efficiently. Nexor can provide your business with our CyberShield Secure services. This methodology underpins all of our work, helping to ensure that your objectives are the main focus. We incorporate the identify and protect elements of the NIST Cyber Security Framework during our initial assessments, followed by recommendations on how to detect potential threats.
Author Bio – Colin Robbins
Colin Robbins is Nexor’s Managing Security Consultant. He is a Fellow of the IISP, and an NCSC certified Security and Information Risk Adviser (Lead CCP) and Security Auditor (Senior CCP). He has specific technical experience in Secure Information Exchange & Identity Systems and is credited as the co-inventor of LDAP. He also has a strong interest in security governance, being a qualified ISO 27001 auditor.