Cyber Essentials
Cyber Essentials accreditation helps you in the following ways:
Reassure customers that cyber security is taken seriously
Be listed on IASME/NCSC’s Directory of organisations awarded Cyber Essentials
Attract new clients with the assurance that cyber security measures are in place.
Cyber essentials are also mandated for many governments and local authority contracts.
·
UK-based SMEs (less than £20m annual turnover) who certify the whole organisation have free cyber liability assurance.
Some of the Cyber Essentials self-assessment questions can be difficult to understand if you do not have a technical IT background or you have a complex company structure.
We have a number of qualified cyber security assessors who will be able to help you understand the assessment questions, how they relate to your company and what steps you need to take in order to achieve certification.
Cyber Essentials:
Self Certification
Responses to the self assessment questions are managed through our secure on-line portal, enabling you to complete the assessment with ease at a pace that suits.
There are 88 questions in the self-assessment scheme. The questions are answered on a secure portal and marked by Forti5 Technologies.
On successful completion of the assessment, you can display the Cyber Essentials badge on your website along with supporting, publicity material.
Furthermore, you will be entitled to one year's complimentary cyber security insurance.
This is a cost effective route to certification for businesses that have strong IT department or compliance with other security schemes (such as ISO27001).
Cyber Essentials:
Assisted Certification
For many SMEs the process of
self-certification can be daunting.
Forti5 Technologies offer you the technical expertise to assist you in qualifying for Cyber Essentials.
We'll spend half a day with you to identify the key areas you need to address and how to address these.
We'll also assist you in answering the questions on the certification portal.
On successful completion of the assessment, your business can display the Cyber Essentials badge on your website and marketing material.
Furthermore, you willl be entitled to one year's cover on our complimentary
ISAME cyber security insurance.
We also offer additional services to help with the design of the process and controls for compliance with
Cyber Essentials.
Additional Services for Cyber Essentials
Monthly or Annual Support
including a monthly call
to check you are keeping up to date.
Firewall Installation set up
(close ports, rules, etc. plus 2 factors)
plus monthly monitoring.
Cyber Essentials Awareness Training.
1/2 day on-premises training.
Two Day Cyber Security Course
Tailored for all staff.
Cyber Essentials Plus has the same as requirements of Cyber Essentials with the critical difference that it requires an independent assessment of your security controls, to verify that you have the technical security controls in place.
Cyber Essentials Plus
Cyber Essentials Plus accreditation helps you in the following way:
In addition to the benefits of Cyber essentials.
Is a technical audit to verify that cyber security measures are in place.
This higher level of assurance involves completing the online assessment followed by a technical audit of the systems that are in scope for Cyber Essentials. This includes a vulnerability assessment of a representative set of user devices, all internet gateways, and all servers with services accessible to unauthenticated internet users. We will test a suitable random sample of these systems (typically around 10 per cent) and then make a decision on whether further testing is required.
In addition to the standard NCSC vulnerability assessment, we can also conduct a pen test of your systems.
Complement Cyber Security Insurance
A one-year complimentary cyber insurance of £25K is available for organisations:
-
With a turnover of less than £20 million
-
Who have been certified to Cyber Essentials by Forti5
-
Provided assessment has covered the whole organisation
This will cover breaches committed by hackers, employees, ex-employees and contractors.
It includes costs to engage:
Legal, IT Forensics, Data Restoration, Reputational Protection, Notification costs and credit and ID Monitoring services, following an actual or suspected breach of personal or corporate information, an IT security or system failure.
