CYBER ESSENTIALS

What Is Cyber Essentials?

Well, the clue is in the name. Cyber Essentials is a standard for measuring the essential steps that need to be taken by an organisation to secure its technical infrastructure against a cyber attack. It is owned by the United Kingdom's National Cyber Security Centre and delivered by The IASME Consortium through Certification Bodies like Digital Armour.

Cyber Essentials or Cyber Essentials Plus?

The Cyber Essentials standard is one standard but there are two measures of compliance:

1. Cyber Essentials - A self-assessment which the organisation can take to self-certify to the Cyber Essentials standard. The self-assessment is moderated by an assessor resulting in a pass/fail and a certificate is awarded.
2. Cyber Essentials Plus - An assessor confirms that the answers provided to the Cyber Essentials Self-Assessment are accurate and subjects the estate in scope to a vulnerability scan and intrusion attempts via test malware. Successfully passing these tests results in a pass/fail and a certificate is awarded.

In order to seek compliance to Cyber Essentials Plus, you must first attain compliance with Cyber Essentials.

We're always going to recommend Cyber Essentials Plus because it is an independent verification of your security posture, rather than a self-assessment, but cybersecurity is a journey, not a destination and you've got to start somewhere and move at a pace that is right for you.

If you're contractually required to attain Cyber Essentials Plus, then we can help you attain the certification quickly and we will move at the speed you need in order to achieve compliance. The quickest we have taken an organisation from zero to hero is 20 days. The longest, to date, 21 months.

What is IASME Cyber Assurance?

IASME Cyber Assurance moves beyond the technical controls within Cyber Essentials and looks more at the organisational policies, processes and procedures you have in place to safeguard data.

Again, you've got two levels - self-assessed and audited (Level 1 and Level 2) - so you can demonstrate progression on your compliance journey.

Why should I choose Digital Armour as my Certification Body?

Good question. We're not the cheapest but we've been around and certifying organisations to Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance (formerly The IASME Standard) since 2014 so we are amongst the most experienced in the United Kingdom today. We have also worked internationally with multi-national companies and smaller organisations so if you're looking at us from outside the United Kingdom, let's have a chat as we want to grow our international customer base and we're not afraid to travel.

Digital Armour also tries to lead by example. If there's a new version of the Cyber Essentials standard, we're usually one of the first to go through that question set. We have been through Cyber Essentials, Cyber Essentials Plus, IASME Cyber Assurance and ISO27001 as a Group of Companies without omitting anything from scope so we aim to lead by example in what we do and how we do it.

No, we're not everyone's cup of tea but we're fair, flexible and keen to help you progress on your cybersecurity journey.