Guidance

Cyber essentials scheme: overview

Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.

Documents

Detail

The government has worked with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF) to develop Cyber Essentials, a set of basic technical controls for organisations to use.

The full scheme, launched on 5 June 2014, enables organisations to gain 1 of 2 new Cyber Essentials badges. It is backed by industry including the Federation of Small Businesses, the CBI and a number of insurance organisations which are offering incentives for businesses.

The Cyber Essentials Requirements document sets out the necessary technical controls. The Assurance Framework shows how the independent assurance process works and the different levels of assessment organisations can apply for to achieve the badges. It also contains guidance for security professionals carrying out the assessments.

From 1 October 2014, government requires all suppliers bidding for certain sensitive and personal information handling contracts to be certified against the Cyber Essentials scheme.

For further guidance for small- and medium-sized enterprises about online security see www.cyberstreetwise.com/cyberessentials.