We have worked hard to secure our IT infrastructure and have a clear picture of our organisation’s cybersecurity level. As a result, we have been Cyber Essentials Plus certified, which means our clients can be sure that we have good security measures in place.
In addition, it means we can be selected for certain Government contracts which require Cyber Essentials certification.
Cyber Essentials is a simple but effective, Government-backed scheme that will help you to protect your organisation, whatever its size, against a whole range of the most common cyber attacks.
Certification gives you peace of mind that your defences will protect against the vast majority of common cyber attacks simply because these attacks are looking for targets which do not have the Cyber Essentials technical controls in place.
While your organisation needs more than Cyber Essentials to comply with GDPR, it’s a great first step. Cyber Essentials certification is evidence that you have taken steps towards protecting your data from cyber-attacks.
Cyber Essentials Plus
Cyber Essentials Plus still has the Cyber Essentials trademark simplicity of approach, and the protection you need to put in place is the same, but for Cyber Essentials Plus a hands-on technical verification is carried out.
This standard adopts a process approach for establishing, implementing, operating, monitoring, reviewing, maintaining, and improving an organisation’s information security management system.
The standard takes a comprehensive approach to information security.
Assets that need protection range from digital information, paper documents, and physical assets (computers and networks) to the knowledge of individual employees.
Payment Card Industry (PCI DSS)
PCI Security Standards are developed specifically to protect payment account data throughout the payment lifecycle. They include standards for merchants, service providers, and financial institutions on security practices, technologies and processes, and standards for developers and vendors for creating secure payment products and solutions.
General Data Protection Regulation (GDPR)
GDPR is Europe’s framework for data protection laws; its primary aim is to give individuals control over their personal data. It also makes data protection rules more or less identical throughout the EU. Companies can be fined for non-compliance and breaches, and it gives us all more say over what companies can do with our data.