
Cyber Security Certifications

Cyber Essentials is a set of basic technical controls organisations should have in place to protect themselves against common online security threats.

This certification is suitable for all organisations, of any size, in any sector.

As well as helping to guard your organisation against cyber attack, Cyber Essentials demonstrates your commitment to cyber security to your customers and suppliers.

What is the process?

You fill in a questionnaire, which asks questions about your business, what devices you use and what security measures you have in place. These answers are then assessed by a certification body such as ourselves and, if they are satisfactory, you are awarded the certification. If not, the questionnaire is returned to you with some corrections to be actioned. Regola will be there to guide you every step of the way.

Cyber Assurance

Cyber Assurance is a comprehensive, flexible and affordable cyber security standard. This provides assurance that an organisation has put in place a range of important cyber security, privacy and data protection measures. It aligns directly with the UK Government’s 10 steps to Cyber Security with additional Data Privacy controls and offers smaller companies within a supply chain a ‘right sized’ approach to show their level of information security for a realistic cost.

Important cyber security measures are included such as assessing and managing risk, training people and setting practical policies and procedures. Key resilience strategies are covered and include backing up data, business continuity planning and incident response. Legal and regulatory requirements are also addressed such as your country’s implementation of GDPR (in the UK this is the Data Protection Act). Furthermore, the IASME Cyber Assurance standard was developed over several years during a government funded project. This was in order to create an affordable and achievable alternative to the international standard, ISO 27001. You must have Cyber Essentials first in order to achieve Cyber Assurance.

Cyber Baseline

IASME Cyber Baseline

Over ten years ago, Cyber Essentials was designed to certify good cyber security practice in organisations in the UK and Crown Dependencies. Using similar principles, IASME Cyber Baseline has been designed to help organizations worldwide to identify, mitigate, and manage cyber threats and gain certification for their efforts. It provides an affordable and practical way to demonstrate commitment to cybersecurity and protect data. By achieving Cyber Baseline certification, companies outside the UK and Dependencies can significantly reduce their risk of cyberattacks and enhance their global reputation.

Key Features

•Internationally recognized cyber security standard. This boosts credibility with customers, partners, and suppliers.

•Pitched to be affordable for SMEs

•Comprehensive Assessment of security controls

•Whilst engaging with the certification process, businesses can tap into expert advice and support to help them implement necessary security measures. It is therefore intended as a learning experience as well as a certification process.

Benefits of Certification

•Enhanced Security: by adhering to the IASME Cyber Baseline standards, your business will implement best practices in cybersecurity, reducing vulnerabilities and protecting against threats.

•Customer Trust: the certificate demonstrates your commitment to safeguarding your own - and third-party - data

•Competitive Advantage: stand out from competitors by showcasing your dedication to the security of customer data.

•Regulatory Compliance: achieving IASME Cyber Baseline certification helps ensure your business complies with data protection regulations and other related standards.

The Certification Process

1. Self-Assessment: Complete a detailed self-assessment questionnaire to evaluate your current cybersecurity measures.

2. Gap Analysis: Identify any gaps in your security practices and receive guidance on how to address them.

3. Implementation: add and adjust security controls and measures to meet the IASME Cyber Baseline standards.

4. Assessment: be assessed by an accredited IASME certification body.

5. Certification: receive the IASME Cyber Baseline certificate, valid for 1 year.

Cyber Essentials Plus

Cyber Essentials Plus is an expansion of the Cyber Essentials Self-Assessment questionnaire which includes an audit of the organisation's IT systems. This is then submitted to and marked by a certification body. All organisations MUST have Cyber Essentials certification dated within 3 months prior to applying for Cyber Essentials Plus.

Cyber Essentials Plus consists of an audit of your organisation's system by a highly trained assessor. The goal of said assessment is to confirm that all controls and measures that have been declared in the Cyber Essentials questionnaire have actually been put into practice within the organisation's network. By undertaking and completing Cyber Essentials Plus, you can declare that your organisation has taken the appropriate measures to meet baseline security standards set out by the Cyber Essentials Scheme.

The key elements of a Cyber Essentials Plus assessment are:

  • A vulnerability scan is performed on selected machines to confirm patching and basic configuration are at an acceptable level.

  • An external port scan of your internet facing IP addresses is conducted to ensure no clear and obvious misconfigurations or vulnerabilities can be identified.

  • A test is conducted on your default email/internet browser to confirm how well configured they are to prevent execution of malicious files.

  • Screenshots are taken as evidence that the system is Cyber Essentials compliant.

Should there be any issues identified that require remediation, there is an extended period of 30 days with this package. Failure to complete remediation in this time will result in a fail.

Upon achieving a successful certification your organisation will be provided with a certificate that is valid for 12 months from pass date. Additionally, you can also choose to be added to a list of Cyber Essentials certified companies. This is optional, but can help advertise your organisation's compliance to the Cyber Essentials Scheme.


Get Started Today

Protect your business and gain a competitive edge over market rivals with a Cyber Security certification. Why wait?
