Cyber Essentials is a government introduced Cyber security accreditation that enables organisations to showcase their credentials as a trustworthy and secure organisation when it comes to cyber security. Cyber Essentials is the minimum an organisation needs to implement in order to bid for new MOD defence contracts which include the transfer of ‘MOD identifiable information’.
The MOD has had this requirement since January 2016 and it is key for suppliers looking to do business in the defence sector.
As the risk level goes up, some additional controls are required that can be evaluated through Cyber Essentials Plus vulnerability tests.
A full overview of Cyber Essentials is available for free in the Scheme Summary document.
*Cyber Essentials is required by the MOD to win MOD tenders. Without this suppliers are less likely to win defence procurement opportunities through the MOD.
The complete Cyber Essentials scheme is made up of two progressive stages – Cyber Essentials and Cyber Essentials Plus.
Cyber Essentials is the first stage and is a foundation level certification that provides a clear statement of the basic controls your organisation should have in place to mitigate the risk from common cyber threats.
Cyber Essentials plus is the second stage, and is a more rigorous test of your organisation’s cyber security systems where our cyber security experts carry out on-site vulnerability tests to ensure that your organisation is protected against basic hacking and phishing attacks.
The difference between the two is the on-site vulnerability tests that are carried out for Cyber Essentials plus certification. All organisations must complete the first stage, but some organisations, depending on their structure and risk severity, will need to complete Cyber Essentials Plus.
Cyber Essentials Plus is commonly seen as the demonstration of an organisation’s IT maturity. We would advise that if you are an organisation with over 250 members of staff, each with one or more connected devices.
Obtaining Cyber Essentials certification through DCI is a straight forward process and takes just three simple steps:
Upon completion and receipt of your Cyber Essentials certificate, you will receive the relevant Cyber Essentials branding to use on your collateral such as tender bids for one of the many defence contracts available through DCI.
The process to becoming Cyber Essentials certified is straightforward and only takes a few days to complete.
After ordering Cyber Essentials or Cyber Essentials Plus, you will receive login details for the members’ area of the site where you will find the self-assessment form. Filling out this form is relatively straightforward and will only take a couple of hours to complete. You are also supported throughout the process, either via the help buttons on the questionnaire or via the contact form.
Once the self-assessment form has been completed, you submit it electronically through the members’ area and will receive confirmation. After submission, it will take our team a few days to assess your answers. Once we have reviewed your application, you will be contacted by a member of our team to discuss the next steps in the process.