What is Cyber Essentials?
Cyber Essentials (CE) is a UK-government scheme that encourages organizations to adopt good security practices. Companies are required to implement certain security measures and follow certain guidelines in order to be granted a Cyber Essentials certificate. The purpose of that certificate is to demonstrate to their clients that they take cyber security seriously.
What types of CE certification exist?
Two levels of certification are available:
- Cyber Essentials (CE)
- Cyber Essentials Plus (CE+)
The first one (CE) is based on self-assessment. Companies who wish to become certified assess their IT infrastructure themselves to ensure that it meets the Cyber Essentials standards. Then, they choose an Accredited Certification Body (ACB) that provides a questionnaire that the organization should complete. The completed questionnaire is reviewed by the chosen ACB, who then award the firm a certificate.
The process of obtaining CE+ certification is the same as for CE except that portions of the assessment are conducted or verified by a accredited Certification Body.
Where can I find the Cyber Essentials requirements?
- https://www.cyberessentials.ncsc.gov.uk/advice/
- https://www.cyberessentials.ncsc.gov.uk/requirements-for-it-infrastructure
How does AppCheck fit in?
We are not an Accredited Certification Body and, therefore, cannot issue CE certificates to companies. However, companies can use our infrastructure scanning capabilities in order to help them prepare to meet some of the required guidelines. An internal scanning hub is needed to scan the nodes available only internally.
In other words, AppCheck can be one of the tools used in preparing to earn a CE certificate but it cannot be the only tool.
Comments
0 comments
Please sign in to leave a comment.