Welcome to our

Cyber Security News Aggregator

.

Cyber Tzar

provide a

cyber security risk management

platform; including automated penetration tests and risk assesments culminating in a "cyber risk score" out of 1,000, just like a credit score.

Cyber Essentials gets biggest update to technical controls since launch

published on 2021-12-03 07:54:11 UTC by
Content:

In the new year, the NCSC and IASME will implement an updated set of requirements for Cyber Essentials. This update will be the biggest overhaul of the scheme’s technical controls since it was launched in 2014 and comes in response to the cyber security challenges organisations now regularly face. The way we work has changed dramatically over a short period of time. The additional risks brought about by rapid digital transformation and the adoption of cloud-based services has been compounded by the move to home-working. The impending refresh reflects these changes and signals a more regular review of the scheme’s technical controls. The NCSC and IASME recently completed a major technical review of the scheme, the results of which have informed the updated requirements that will soon help organisations maintain their basic cyber hygiene, providing reassurance for their customers and their supply chain.

These include revisions around cloud services, as well as home-working, multi-factor authentication, password management and security updates. The controls, which have been updated with direct input from the NCSC’s and IASME’s technical experts, also align Cyber Essentials closer to other initiatives and guidance, including Cyber Aware. Many of the changes are based on feedback from assessors and applicants, as well as consultation with the Cloud Industry Forum. The new version of the Cyber Essentials technical requirements will be implemented for new assessment accounts from 24th January 2022. However, any assessment account that is already active before the 24th January will continue to use the current technical standard. This means that any time and effort already invested will not be wasted. Such assessments will have 6 months to complete from the 24th January 2022. In recognition of the extra effort that may be involved for some organisations, there will be a period of grace of up to 12 months for some of the requirements. The new requirements document and new question set is now published on the IASME website https://iasme.co.uk/cyber-essentials/free-download-of-cyber-essentials-self-assessment-questions/. Additional advice and guidance will be published in due course. The Cyber Essentials Readiness Tool will also be updated accordingly to reflect the new controls from 24th January.

Cyber Essentials

A simple but effective government backed scheme, Cyber Essentials helps organisations, whatever their size, guard against a whole range of the most common cyber threats. Not only does this reassure organisations and customers that their systems are secured against basic cyber-attacks, but Government contracts also often require this basic certification too.

Cyber Essentials will:

  • Reassure customers that you are working to secure your IT against cyber attack
  • Attract new business with the promise you have cyber security measures in place
  • Give a clear picture of your organisation's cyber security level
  • Enable you to bid for some Government contracts

More information about the scheme can be found at www.iasme.co.uk.

The IASME Consortium

www.iasme.co.uk

Established in 2012, The IASME Consortium specialises in certification for cyber security and information assurance. IASME is the National Cyber Security Centre’s Cyber Essentials Delivery Partner for the Cyber Essentials scheme. The scheme focuses on five important technical security controls that when implemented will help guard against the most common cyber threats and demonstrate commitment to cyber security.

Article: Cyber Essentials gets biggest update to technical controls since launch - published almost 3 years ago.

https://www.nebrcentre.co.uk/post/cyber-essentials-gets-biggest-update-to-technical-controls-since-launch   
Published: 2021 12 03 07:54:11
Received: 2022 02 09 00:51:20
Feed: North East Business Resilience Centre
Source: National Cyber Resilience Centre Group
Category: News
Topic: Cyber Security
Views: 3

Custom HTML Block

Click to Open Code Editor