Investigating Cyber Essentials and Cyber Essentials Plus  

Many standards and frameworks exist to assist organisations in implementing security management systems. Examples are International Organisation for Standardisation (ISO) ISO/IEC 27001, the National Institute of Science & Technology (NIST) Cybersecurity Framework and the Centre for Internet Security (CIS) Controls. However, organisations at the smaller end of the size and complexity spectrum are looking for a considerably more straightforward approach to implement and demonstrate to other organisations and their customers that they are taking security seriously. In 2014, the UK's National Cyber Security Centre (NCSC) launched the Cyber Essentials certification scheme. The scheme is primarily aimed at small and medium-sized enterprises (SMEs) and encourages them to follow straightforward steps to implement foundational baseline security controls to mitigate the risk from web-based attacks.

Find out more -  subscribe to DFM today   and read the full article. Or if you're a subscriber, login and  read the article online .