Cyber Essentials is a simple yet incredibly effective UK Government backed initiative supported by the NCSC (National Cyber Security Centre), suitable for any organisation, of any size, in any sector.
Designed to protect organisations against the most common cyber-attacks, it's a certification that we recommend to all our customers and one that we have first-hand experience of achieving.
Does my organisation need Cyber Essentials certification?
As a managed IT services provider with a strong focus on ensuring our customers have modern and secure IT environments, we are strong advocates of Cyber Essentials certification.
Organisations need to consider that cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They’re the digital equivalent of a thief trying your front door to see if it’s unlocked. Therefore, in committing to Cyber Essentials you'll access an effective and affordable way to reduce your organisation’s exposure to these attacks.
In kicking off your Cyber Essentials journey we'll work with you to analyse your current environment, identifying the areas you need to focus on to achieve certification. Key questions to consider include:
- Do you have a password policy?
- Do you know the minimum standard of passwords in use?
- Do you know that all passwords have been changed from their default?
- Are all operating systems, firmware and applications supported and up to date?
- Are all user accounts of staff who are no longer with the organisation deleted or disabled?
- Do you know which staff have administrative level accounts?
- Do staff that have administrative accounts only use these accounts for administrative purposes and not for daily use?
Achieving Cyber Essentials certification
Our Cyber Essentials certification process is tried and tested across many of our existing customers, meaning we can quickly get your path towards certification mapped out and delivered. Here are a few reasons why you should get Cyber Essentials:
- Reassure customers that you are working to secure your IT against cyber attack
- Attract new business with the promise you have cyber security measures in place
- You have a clear picture of your organisation's cyber security level
- Some Government contracts require Cyber Essentials certification
Ready for Cyber Essentials Plus?
With Cyber Essentials Plus you'll have the highest level of certification offered under the Cyber Essentials scheme. Your organisation will need an even stronger, more robust cyber security environment than necessary for Cyber Essentials, with particular focus in areas such as phishing attacks and hacking. We can take you through the Cyber Essentials Plus process, kicking off with a review of your current set up.
What controls are required for Cyber Essentials?
Boundary firewalls and internet gateways
Establish network perimeter defences, and firewall policies to detect and block access to known malicious domains and prevent users’ computers from communicating directly with the Internet.
Malware protection
Build and maintain malware defences to detect and respond to known attack code.
Patch Management
Patch known vulnerabilities with the latest version of the software, to prevent attacks which exploit software bugs.
Whitelisting and execution control
Prevent unknown software from being able to run or install itself, including AutoRun on USB and CD drives.
Secure Configuration
Restrict the functionality of every device, operating system and application to the minimum needed for business to function.
Passwords and access
A password policy is essential, along with limiting normal users’ execution permissions and the least privilege principle.
Cyber Essentials Certification with Kick ICT
Heard of Cyber Essentials and looking to achieve certification? We deliver a two-day engagement to assess your organisation’s levels of protection against a wide variety of the most common cyber-attacks. We'll work with you through each stage of the assessment process, identifying any areas that require improvements before submitting the assessment for formal accreditation. Check out our dedicated Cyber Essentials section for more information.
Why Kick for Cyber Security?
As a long-established provider of a range of IT services and support, our new cyber security division has the expertise and resources to focus solely on providing premier protection and safeguarding your vital data.
ASK THE EXPERTS
We're here to help
Whether you are ready to start scoping or just want to discover more about Kick ICT, our experts are at hand to help.