Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance
Equilibrium are a Certification Body for The IASME Consortium, the Cyber Essentials Partner to the National Cyber Security Centre (NCSC). As one of the few assessors in the Birmingham area, we can offer Cyber Essentials, Cyber Essentials Plus, IASME Cyber Assurance and GDPR Readiness Assessments as a Certification Body.
What is Cyber Essentials?
Cyber Essentials scheme is a government-backed Cyber Security certification that sets out a baseline of Cyber Security suitable for all organisations. The scheme’s five security controls are commonly viewed as the benchmark for what all businesses should be following as a minimum. The certification is a valuable indicator that the organisation has taken the necessary measures to bolster Cyber Security and reduce the risk of a cyber-attack.
What is Cyber Essentials Plus?
Cyber Essentials Plus is the next stage on from the basic Cyber Essentials Self-Assessment Certification. It tests an organisations security against the information obtained in the Cyber Essentials questionnaire. Cyber Essentials Plus provides a higher level of assurance; it involves independently auditing your systems utilising vulnerability tools that test the measures put in place. The process can identify areas of security weakness that you may not have been aware of.
As part of the Cyber Essentials Plus certification process, one of our consultants will perform an in-depth assessment of your Cyber Security practices. If there are areas that we identify that are in breach of the assessment, we will provide remediation actions and timescales that you can apply prior to us issuing the certification. Equilibrium Security will then issue the certification for the Cyber Essentials Plus which will be valid for 12 months.
What is IASME Cyber Assurance?
The Cyber Assurance standard was developed over several years during a Technology Strategy Board funded project to create an achievable Cyber Security standard for small companies. The international standard, ISO27001, is comprehensive but extremely challenging for a small company to achieve and maintain. The standard is written along the same lines as the ISO27001 but specifically for small companies.
The standard, at a realistic cost, allows the SMEs in a supply chain to demonstrate their level of Cyber Security and that they are able to properly protect their customers’ information.