Cyber Essentials is a set of basic controls organizations should implement to protect against common online security threats. This certification is suitable for any organization, regardless of size or sector, and demonstrates your commitment to cybersecurity. To get certified, complete a questionnaire about your business, devices, and security measures. A certification body will assess your responses, granting certification if satisfactory. If not, you'll receive feedback for corrections, with Regola guiding you through the process.
Cyber Assurance
Cyber Assurance is a flexible, budget-friendly cybersecurity certification that shows you’ve got your bases covered when it comes to cybersecurity, privacy, and data protection. It matches up with the Government's 10 steps to Cyber Security and gives smaller companies a tailored way prove their info security without breaking the bank. It covers important steps like risk assessment, employee, and practical policies. It also includes strategies for resilience, such as data backup and handling incidents, while keeping up with legal requirements like GDPR. The IASME Cyber Assurance standard was created through a government-funded project to offer an affordable alternative to ISO27001. You do need to have Cyber Essentials first to get Cyber Assurance though.
Cyber Baseline
Over a decade ago, Cyber Essentials was created to recognize good practices in the UK and Crown Dependencies. Now, IASME Cyber Baseline is here to help organizations everywhere tackle cyber threats and get certified.
It’s a budget-friendly way to show you’re serious about cybersecurity and keeping your data safe for companies outside the UK, getting this certification can really cut down on the risk of cyberattacks and boost your reputation.
​
Key Features:
​
-
An internationally recognized cybersecurity standard that builds trust with customers and partners.
-
Designed to be affordable for small and medium-sized businesses.
-
Offers a thorough assessment of your security controls.
-
You’ll get expert advice during the certification process to you put the right security measures in place. Benefits of Certification
-
Enhanced Security: By following IASME Cyber Baseline standards, you’ll adopt the best practices to minimize vulnerabilities.
-
Customer Trust: The certification shows you care about protecting your data and your clients’ data. - Competitive Advantage: Stand out from the crowd by showcasing your commitment to data security.
-
Regulatory Compliance Helps you meet data protection rules and other related standards.
The Certification Process
​
1. Self-Assessment: Fill out a self-assessment to check your current cybersecurity measures.
2. Gap Analysis: Spot any gaps in your security and get tips on how to fix them.
3. Implementation: Make the necessary adjustments to meet IASME standards.
4. Assessment: Get evaluated by an accredited certification body.
5. Certification: Achieve your IASME Cyber Baseline certificate, which is good for a year!
Cyber Essentials Plus
Cyber Essentials Plus is an expansion of the Cyber Essentials Self-Assessment questionnaire which includes an audit of the organisation's IT systems. This is then submitted to and marked by a certification body. All organisations MUST have Cyber Essentials certification dated within 3 months prior to applying for Cyber Essentials Plus.
Cyber Essentials Plus consists of an audit of your organisation's system by a highly trained assessor. The goal of said assessment is to confirm that all controls and measures that have been declared in the Cyber Essentials questionnaire have actually been put into practice within the organisation's network. By undertaking and completing Cyber Essentials Plus, you can declare that your organisation has taken the appropriate measures to meet baseline security standards set out by the Cyber Essentials Scheme.
​
The key elements of a Cyber Essentials Plus assessment are:​
-
A vulnerability scan is performed on selected machines to confirm patching and basic configuration is at an acceptable level.
-
An external port scan of your internet facing IP addresses is conducted to ensure no clear and obvious misconfigurations or vulnerabilities can be identified.
-
A test is conducted on your default email/internet browser to confirm how well configured they are to prevent execution of malicious files.
-
Screenshots are taken as evidence that the system is Cyber Essentials compliant.
Should there be any issues identified that require remediation, there is an extended period of 30 days with this package. Failure to complete remediation in this time will result in a fail.
Upon achieving a successful certification your organisation will be provided with a certificate that is valid for 12 months from pass date. Additionally, you can also choose to be added to a list of Cyber Essentials certified companies. This is optional, but can help advertise your organisation's compliance to the Cyber Essentials Scheme.
Get Started Today
Protect your business and gain a competitive edge over market rivals with a Cyber Security certification. Why wait?