A customer asked me the other day if I knew anything about Cyber Essentials. It rang a bell, but I couldn't really think why. A quick search online and found it....
What is Cyber Essentials?
It is an effective, Government backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.
Cyber attacks come in many shapes and sizes, but the vast majority are very basic in nature, carried out by relatively unskilled individuals. They're the digital equivalent of a thief trying your front door to see if it's unlocked.
There are two levels of certification: Cyber Essentials and Cyber Essentials Plus.
So, what does this mean?
Well I went through the questionnaire to find out, and after answering all the questions and in the end got a readiness report with 15 pages giving me an outline on what I should do to become certified.
Does it cost anything?
Yes! Anything from £300+VAT to £500+VAT (depending on the size of company) per year! - If you want to go for the Cyber Essentials Plus, then prices will be higher (they don't show these on the website!)
Is it compulsory?
No. But some Government Contracts may require you to be Cyber Essentials certified or to be able to demonstrate that the technical controls are in place.
So is it worth doing?
That's something that only you can decide.
Will I become Cyber Essentials certified?
NO! Whilst a certificate on the wall to say you are Cyber Essentials certified does look good, it's a lot of money every year is a bit steep for a Sole Trader to be honest.
It is worth going through the Cyber Essentials readiness toolkit as your responses to the questions will create a personal action plan to help you move towards meeting the Cyber Essentials requirements. And the report includes links to specific guidance on how to meet the requirements.
I'm now off to read the report again.
Comments