Cyber Essentials is a Government scheme that helps businesses protect themselves, and the data and information they hold for customers, against cyber threats. It has been Government policy since 2014 that suppliers to all Central Government contracts which involve handling personal information must have a Cyber Essentials certificate. Now Crown Commercial Service (CCS) has started to make it a requirement for framework suppliers and their subcontractors on several of the new framework contracts.
Recently, Bramble Hub successfully retained its Cyber Essentials and Cyber Essentials Plus certification for another year. We have also been strongly encouraging our partners to get Cyber Essentials, both for their own benefit, and as part of our supply chain to the public sector, to protect our customers. We are therefore delighted to announce that all the companies actively working with Bramble Hub are in the process of acquiring a Cyber Essentials certificate and many have already achieved certification.
Although we have ISO 27001 accreditation, the international information security standard, we still found the self-assessment exercise very beneficial. It is better than a lot of the tick-box exercises sometimes are, as it focuses on practical steps you should be taking to protect your systems and data from unauthorised intrusion. It really helped us think about and improve our own security. So much so that since last year we also undertook the higher level Cyber Essentials Plus assessment, which includes formal penetration testing by independent experts.
Editor’s note: The Cyber Essentials scheme comprises a simple self-assessment questionnaire which is then certified by an assessor at a cost of £300. Details of the scheme and a copy of the questionnaire are at: https://www.cyberaware.gov.uk/cyberessentials/.