Using guidance from CESG’s ’10 Steps to Cyber Security’, a blueprint for the industry fused with elements taken from IASME (Information Assurance for SMEs) and ISO27001, and with input from BSI (British Standards Institute) and ISF (Information Security Forum), the standard is expected to be launched in summer 2014. Companies will be able to complete the independent assessment process and gain the Cyber Essentials certification badge from this point.
Cyber Essentials will focus on five essential areas where controls can be applied – boundary firewalls and internet gateways, secure configurations, user access control, malware protection and patch management. It is expected that penetration testing will be widely recommended to diagnose existing vulnerabilities within IT systems.
Once the standard is launched, Mitigate Cyber Security will be able to take your business through the certification process to become Cyber Essentials accredited. We are currently working on putting our service in place and we will be providing more information as it becomes available.
For PDFs of the proposed framework, please see here: https://www.gov.uk/government/publications/cyber-essentials-scheme-overview