Suzaku Consulting | Rise Again

Cyber Essentials

Achieving your Cyber Essentials accreditation should be a routine endeavour. It is ultimately about enabling your business to win work, either through public sector contracts or with regulated industries who require you to demonstrate competence in this area. Achieving your Cyber Essentials and Cyber Essentials Plus with us is made to be routine: this isn’t easy, it takes the right technology and sufficient expertise for what is a robust audit.

Unlike the ISO/IEC 27001, you are actually pentested as part of the Cyber Essentials Plus. This means that Cyber Essentials cannot be fudged, and IASME (the government provider) are increasingly tightening the Cyber Essentials standard as the security landscape becomes more complex.

Core elements to upholding the Cyber Essentials standard are as follows:

  • Endpoint Protection
  • Network Protection
  • Automated Patching within 14 days of release, with no exceptions
  • Two-factor authentication on all cloud applications, with declarations otherwise
  • Visibility across your estate, i.e. you have eyes on everything

One major benefit of achieving the Cyber Essentials accreditation is Cyber-Insurance, especially as many digital businesses find it difficult to secure any Cyber Insurance otherwise.

For the Cyber Essentials accreditation is actually pays to be small, as this means that you can more easily administer your systems and the associated costs of securing your network are smaller. The Cyber Essentials is also charged on a grading, with larger organisations paying slightly more to be audited as they naturally have more systems to review.

What it achieves

The Cyber Essentials standard is admittedly the ‘basics’ as far as security professionals are concerned, if you aren’t already doing this then your business is at severe risk of collapse from a security incident. While the Cyber Essentials doesn’t audit for backups, as there are many ways to deliver this, it is highly recommended by all security professionals: no backups, no pity.

Achieving the Cyber Essentials accreditation enables your business to have access to lucrative public sector contracts and regulated industries. It also ensures that you can rest at ease knowing that your business is more protected than competitors who lack this accreditation, meaning you comparatively are much less likely to suffer a cyber attack.

In essence, this quality mark lets you pursue larger and more lucrative contracts by demonstrating that you are adhering to basic security standards. Anybody can say they do, it takes a Cyber Essentials Plus to actually demonstrate this competence.

How we can help

Our partnerships ensure that we can deliver all the requirements to routinely achieve and adhere to the Cyber Essentials standard. As a provider we are intimately familiar with any changes in the standard on an annual basis, and have a positive business relationship with our external auditors. So long as you implement our recommendations, we can guarantee you can achieve this valuable quality mark.