Ghost Enterprises Logo

Cyber Essentials: Should your business get certified?

Cyber Security Essentials is an effective, Government backed scheme that gives you the tools to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.

The common cyber-attacks are:

Malware: Malware is a software specifically designed to interfere with a computer’s normal function, infecting systems and networks in order to gain access to sensitive information. Examples of common malware are viruses, worms, trojan viruses, spyware, adware and ransomware.

Phishing: The goal of any phishing attack is to steal sensitive information such as financial or login information – or to install malware onto a target’s device. Criminals are increasingly becoming smarter in their means of obtaining such information, mimicking reputable, trusted organisations in their quest to obtain sensitive information deceiving a victim into opening an email or text message. The recipient is then fooled into clicking a malicious link, which can lead to the installation of harmful malware.

Ransomware: Ransomware is a form of malware designed to encrypt files on a target device, rendering those files and the systems they rely on unusable.

Viruses: A virus is a harmful program intended to spread from computer to computer and across networks, as well as other connected devices. These self-copying threats are usually designed to damage a device or steal data.

Cyber Essentials shows you how to address those basics and prevent the most common attacks.

There are two types of Cyber Essentials accreditations businesses can work towards:

Cyber Essentials

The certification gives you peace of mind that your IT defenses will protect against the majority of common cyber-attacks, simply because these attacks are looking for targets that do not have the appropriate security controls in place.

Cyber Essentials Plus

Cyber Essentials Plus still has the Cyber Essentials trademark simplicity of approach, and the protection you need to put in place is the same, but for Cyber Essentials Plus, a hands-on technical verification is carried out.

New changes to Cyber Essentials from April 2023

In April 2023, the NCSC and its Cyber Essentials delivery partner IASME will update the technical requirements for Cyber Essentials. This update is part of a regular review of the scheme’s technical controls, ensuring that it continues to help UK organisations guard against the most common cyber threats.

The most notable changes are:

  • Firmware – only router and firewall firmware will need to be kept up to date and supported
  • Third-party devices – there will be more guidance on how external devices such as those owned by contractors or students should be treated
  • Device unlock – where devices are unconfigurable, it will be acceptable for applicants to use default settings
  • Malware protection – anti-malware will no longer need to be signature-based and there will be guidance on which types are suitable for different devices
  • Zero trust – there will be more guidance on how to deliver this in the context of Cyber Essentials and asset management

Why you should get Cyber Essentials

  • Demonstrate your commitment to data protection
  • Attract new business with the promise you have the appropriate levels of cybersecurity in place
  • Gain a clear picture of your company’s cybersecurity level
  • Learn how to prevent common attacks.

How Ghost Enterprises can help

As a managed IT provider and an expert in cybersecurity, Ghost Enterprises has been working with businesses of all sizes and across all sectors for 10 years. Our team of cybersecurity consultants can help your business work towards Cyber Essentials and ISO27001 compliancy, giving you peace of mind that your business is protected from the latest security threats.

There’s never been a better time for a cybersecurity health check, contact us to arrange yours today, telephone 01245 208080 or email us helpdesk@ghostenterprises.co.uk.

– By Holly

LATEST POSTS

Unlocking Efficiency with Microsoft Copilot: A Ghost Enterprises Review

20th February 2024