We have just successfully passed Cyber Essentials Plus, a test we undergo every year because we value highly the security of our IT systems. We also know it gives our corporate and individual customers piece of mind when searching for information on our websites or using our T2A API methods.
So here's a bit more information about what the accreditation is, how it's done, and some reasons to do it in your organisation...
Cyber Essentials is a scheme, backed by the UK government, that helps you protect your organisation against a range of common cyber attacks. There are two types of certification:
Cyber Essentials is the cheaper option at £300+VAT. This is a self-assessment where you answer of series of questions relating to your IT infrastructure. For those organisations that don't have anyone with a technical IT background and may find some of the questions difficult to answer, there is help available from one of the Certification Bodies who are trained and licensed for the Cyber Essentials scheme.
Cyber Essentials Plus involves a hands-on technical verification that your IT systems meet the required standard to repel common cyber attacks. As these hands-on tests of your network and computers are done by experts from one of the Certification Bodies, having the Cyber Essentials Plus certification displayed to customers gives more assurance that you are complying with the scheme than the basic self-assessment option above.
This was the reason we felt it better to go for the "Plus" option even though it is more expensive. The price varies depending on the size and structure of your organisation and you can get a quote on the Government's Cyber Essentials partner IASME website here: Cyber Essentials Plus Get a Quote - Iasme
In these times of the Covid-19 pandemic we expected that we would have to look at safe distancing measures etc. when someone from our chosen certification body came to visit our office. Instead they sent us an impressive looking case of technical equipment for us to plug in. They were then able to do all their necessary checks remotely, but just as good as if they has been in our office in person.
As we've already mentioned, at T2A we thought it was well worth going for Cyber Essentials Plus. But if you can't afford that it's still worth doing the basic Cyber Essentials certification. There are good reasons for doing either option:
There is a good FAQs section on the National Cyber Security Centre's (NCSC) website: Frequently Asked Questions - NCSC.GOV.UK
Here is an overview of the scheme on the NCSC website: About Cyber Essentials - NCSC.GOV.UK
Our IT systems have been tested to ensure they meet the high standards needed to protect us against cyber attacks. This website is secured using 256-bit encryption.
Please refresh the page and try again.