Cyber Essentials Scheme: overview
- Department for Business, Energy & Industrial Strategy
- Part of:
- Defence Cyber Protection Partnership and Cyber security
- First published:
- 7 April 2014
- Last updated:
- 3 February 2015, see all updates
Cyber Essentials is a government-backed, industry supported scheme to help organisations protect themselves against common cyber attacks.
Ref: BIS/14/696 PDF, 499KB, 10 pages
Ref: BIS/14/696 PDF, 501KB, 17 pages
Ref: BIS/15/72/ PDF, 546KB, 12 pages
The government has worked with the Information Assurance for Small and Medium Enterprises (IASME) consortium and the Information Security Forum (ISF) to develop Cyber Essentials, a set of basic technical controls for organisations to use.
The full scheme, launched on 5 June 2014, enables organisations to gain 1 of 2 new Cyber Essentials badges. It is backed by industry including the Federation of Small Businesses, the CBI and a number of insurance organisations which are offering incentives for businesses.
The Cyber Essentials Requirements document sets out the necessary technical controls. The Assurance Framework shows how the independent assurance process works and the different levels of assessment organisations can apply for to achieve the badges. It also contains guidance for security professionals carrying out the assessments.
From 1 October 2014, government requires all suppliers bidding for certain sensitive and personal information handling contracts to be certified against the Cyber Essentials scheme.
For further guidance for small- and medium-sized enterprises about online security see www.cyberstreetwise.com/cyberessentials.
Published: 7 April 2014
Updated: 3 February 2015
- The 'Cyber Essentials Scheme: Assurance Framework' (BIS/15/72) has been updated.
- Cyber Essentials Summary, Requirements and Assurance Framework published.
- First published.