LONDON, UK: A week after the government launched the Cyber Essentials Scheme, seven small companies have already successfully achieved certification to the scheme using the IASME on-line self assessment.
The UK Government’s Cyber Essentials Scheme focuses on the five most important technical security controls. These controls were identified by the government as those that, if they had been in place, would have stopped the majority of the successful cyber attacks over the last few years.
IASME has worked closely with both the Department of Business, Innovation and Skills and CESG to develop a Cyber Essentials assessment method that is affordable for small companies and also reflects the complex way that many small businesses operate. All the questions are free to download from the IASME website to allow companies to see exactly what they have to put in place and work on becoming secure before paying for the assessment.
The small companies which have already achieved certification through this scheme recommend others to try it. “TeraByte IT under took the Cyber Essentials certification though IASME and found that the process start to finish was simple and easy to follow” said Marcus Dempsey, Managing Director of TeraByte IT Ltd “This achievement benefits both our company and clients by showing that we keep our data secure and provides that level of trust that this scheme provides.”
John Godwin, Head of Compliance and IA at Skyscape Cloud Services Ltd, agrees with the assessment ease of use “As one of the first organisations to have successfully completed the Cyber Essentials IASME assessment process, Skyscape found the on-line information submission and subsequent independent review by the IASME assessor to be straightforward and easy to understand. We would recommend all UK SMEs assess how this new Scheme will help them to protect their businesses.”
Another early adopter, Nexor Ltd, highlighted the benefit of the review of controls even when you have other security standards in place.
Andrew Kays, Operations Director explained “Security is paramount to Nexor and as a holder of ISO27001 we initially questioned if Cyber Essentials would provide any additional benefit. However, recognising the value of Cyber Essentials certification in the government supply chain, we committed to achieving certification at the earliest opportunity. During the review we identified several areas where there was scope for improvement in managing our existing security controls, which showed the value of the scheme. The certification process itself was simple and clear; and the self-certification process is very easy to complete.”