Cyber Essentials and how it protects your business.

Yes, we know it’s a distinctly unsexy name, but Cyber Essentials – the government scheme to help organisations protect against cyber threats – is definitely more enticing than it sounds. Assuming you work in the IT sector and find the prospect of winning new contracts sexy, that is. You do? Well, read on and prepare to have your knees trembled.

You had me at ‘Cyber’…

In the minefield that is the internet, new threats emerge every day. And while some cyber threats come from dastardly criminal geniuses, many come from bored, unskilled attackers using freely available tools. The Cyber Essentials scheme is designed to combat these not-so-slick attacks, by helping organisations implement basic – but highly effective – security controls.

Accreditation splits into two levels:

· Cyber Essentials – basic certification, gained via a verified self-assessment. Basically, the company assesses itself across five criteria (such as firewalls and malware protection) and an independent assessor says yay or nay.

· Cyber Essentials PLUS – this covers the same five criteria, but instead of a self-assessment, a qualified assessor tests that the controls actually, you know, work (i.e. by simulating basic attacks, in other words a penetration test).

Penetration testing, also known as pen testing, a pen test or ethical hacking, is an authorised simulated cyber attack on a computer system, network or web application to find security vulnerabilities or flaws that an attacker could exploit and use to their advantage. Should any weaknesses be found, the appropriate measures can then be put in place to ensure that your systems are protected from the threat of a real attack.

Unzipping the business benefits

Racy stuff, eh? It gets better. Gaining Cyber Essentials accreditation delivers some seriously attractive benefits:

· Confidence for the business, confidence for customers. Not only does Cyber Essentials ensure you’ve got effective security controls in place – like restricting system access through proper passwords (no ‘password1’ allowed, in other words) – it also demonstrates to your clients that you take cyber security seriously.

· More interesting, prestigious gigs. Cyber Essentials certification is essential if you want to win certain government contracts, particularly where sensitive or personal information is involved.

