Cyber Essentials aims to help organisations implement basic levels of protection against cyber attack, demonstrating to their customers that they take cyber security seriously.
- an independently verified self assessment. Organisations assess themselves against five basic security controls and a qualified assessor verifies the information provided.
The five basic controls within Cyber Essentials were chosen because, when properly implemented, they will help to protect against unskilled internet-based attackers using commodity capabilities – which are freely available on the internet. The five controls are:
The European General Data Protection Regulation (GDPR) was adopted by all EU member states in April 2016. This allowed businesses 2 years to prepare for when the law will become enforceable in May 2018. In August 2017 The Right Honorable Matt Hancock MP, the Minister for Digital published
Under the GDPR all businesses that wish to provide goods and services to EU residents will be required to conform to the requirements it lays down. Businesses will no longer need to opt in by registering with the
Information Commissioner’s Office
(ICO). All businesses will be deemed in scope, unless they prove otherwise. Undertaking Cyber Essentials and IASME Governance Standard, including the GDPR assessment elements, is a good way to show your customers that you have put things in place to meet these regulations. You can see more information on GDPR
Certification against both IASME governance and the Cyber Essentials will indicate a good level of all-round information security. This will be particularly true if you also pass the GDPR assessment questions and indicate that you have made efforts to ensure your company is ready for the introduction of the regulation.
The IASME Consortium Ltd, company number 07897132, Address: Wyche Innovation Centre, Walwyn Road, Malvern WR13 6PL