Cyber Essentials is a government introduced Cyber security accreditation that enables organisations to showcase their credentials as a trustworthy and secure organisation when it comes to cyber security. Cyber Essentials is the minimum an organisation needs to implement in order to bid for new MOD defence contracts which include the transfer of ‘MOD identifiable information’.
The MOD has had this requirement since January 2016 and it is key for suppliers looking to do business in the defence sector.
As the risk level goes up, some additional controls are required that can be evaluated through Cyber Essentials Plus vulnerability tests.
A full overview of Cyber Essentials is available for free in the Scheme Summary document.
*Since 1 January 2016, all MOD suppliers are required to comply with the Cabinet Office Procurement Policy Note 09/04. This means that you need to have Cyber Essentials certification if you are looking to win contracts involving the transfer or generation of Ministry of Defence Identifiable Information (MODII).
Cyber Essentials is the first stage and is a foundation level certification that provides a clear statement of the basic controls your organisation should have in place to mitigate the risk from common cyber threats.
Cyber Essentials plus is the second stage, and is a more rigorous test of your organisation’s cyber security systems where our cyber security experts carry out on-site vulnerability tests to ensure that your organisation is protected against basic hacking and phishing attacks.
The difference between the two is the on-site vulnerability tests that are carried out for Cyber Essentials plus certification. All organisations must complete the first stage, but some organisations, depending on their structure and risk severity, will need to complete Cyber Essentials Plus.
Cyber Essentials Plus is commonly seen as the demonstration of an organisation’s IT maturity. We would advise that if you are an organisation with over 250 members of staff, each with one or more connected devices.
Obtaining Cyber Essentials certification through DCI is a straight forward process and takes just three simple steps:
Upon completion and receipt of your Cyber Essentials certificate you will receive the relevant Cyber Essentials branding to use on your collateral such as tender bids for one of the many defence contracts available through DCI.
The process of becoming Cyber Essentials certified is straightforward and only takes a few days to complete.
Step 1: Purchase Cyber Essential Basic which is £300 +VAT
Step 2: From there all you need to do is complete the Self-Assessment Questionnaire and submit the form on the IASME portal (logins for this portal will be sent via email, password logins will be sent via SMS post-purchase)
Step 3: Once you have submitted the Self-Assessment Questionnaire, if you have been successful you will receive your PDF certification.