The UK Government department for Business, Innovation and Skills has recently introduce its Cyber Essentials scheme to keep “the UK safe in cyber space”
The purpose of this Cyber Essentials scheme is to provide a framework of best practices for organisations who may find the ISO27001 certification too expensive and complicated. The guidelines provide advice on what controls they feel that small businesses should be putting in place to combat and manage cyber essential risks. The scheme summary “sets out the background, next steps and answers questions that companies may have about the scheme”.
The Cyber Essentials scheme covers five key areas:
- Secure configuration
- Boundary firewalls and internet gateways
- Access control and administrative privilege management
- Patch management
- Malware protection
The Universities and Science Minister David Willetts has commented that “Cyber Essentials is an easy-to-use, cost-effective way to help businesses and the public sector protect themselves against the risks of operating online” and that “organisations will now be able to easily demonstrate they are cyber safe – reassuring their clients, boosting confidence and profitability”. The controls have been based on internationally recognised stand ISO 27001, and will be a recognised alternative/ stepping stone to full ISO27001 certification.
There are three proposed levels of certification:
- Bronze tier – based on a self-assessment
- Silver – based on an independently verified testing process
- Gold – based on an independently verified testing process combined with an audit
The full scheme (along with the assessment framework and the accreditation badge) will be available in summer 2014. This scheme follows on from the ‘Cyber Street’ campaign that was funded by the National Cyber Security Programme in early 2014.
Signal Networks can offer companies secure and logical ways to secure their business and become ISO27001 accredited. We can offer a unique and securely designed network to filter out any potential Cyber Essential issues and are partnered with some of the best software and hardware suppliers to deliver the best equipment available.