Cyber Essentials: Can ‘Out of Support’ Software be Used?
Introduction Technical debt and out of support software can be a challenge when considering Cyber Essentials certification. This summary demystifies the topic, with advice, explanation and an example – aimed to help and inform. Out of support software and technical debt There are plenty of examples of organisations needing to retain end of support […]
Cyber Essentials: Malware Protection
Introduction Deploying malicious software (like ransomware) is just one way that cyber criminals can impact organisations and people – having suitable protection in place is key to good cyber security posture. It helps to prevent malicious software from appearing on devices and running – effectively aimed at preventing damage and impact. Here, we explore the […]
Cyber Essentials: User Access Control
Introduction User access control is a fundamental aspect of Cyber Essentials, ensuring that only authorised individuals have access to sensitive systems and data. Effective access control measures significantly reduce the risk of data breaches and cyber attacks by limiting unnecessary exposure to critical information. Here, we explore the importance of user access control, why it’s […]
Cyber Essentials: Security Updates
Introduction Keeping devices secure with vendor-provided updates is key for cyber security best practice. It helps prevent unauthorised access and helps keep devices safe from harm. Whether pursuing Cyber Essentials, Cyber Essentials Plus, or just looking to be secure, applying security updates is a crucial step. Why Security Updates Are Important Devices that run […]
Cyber Essentials: Secure Configuration
Introduction Having securely configured devices is a key component of cyber security best practice. This reduces risk and aims to ensure devices are not vulnerable to attack. Whether an organisation is pursuing Cyber Essentials, Cyber Essentials Plus, or just looking to be secure, having a secure configuration for devices is a crucial step. Why […]
Cyber Essentials: Firewalls
Introduction Firewalls play a crucial role in cyber security, acting as the first line of defence against unauthorised access. Whether your organisation is pursuing Cyber Essentials, Cyber Essentials Plus, or just looking to be secure, a suitably configured firewalls is a fundamental requirement. Why Firewalls Are Important A firewall is a security barrier that […]
Cyber Essentials: Gap Analysis
Introduction Knowing what an organisation has in place currently (current state) and where it would like to be in the future (target state) is crucial for organisations in planning strategy and defining change. Understanding this ‘gap’ and setting a way forward is a common technique when developing strategy. A similar approach can be taken by […]
Cyber Essentials: Scoping
Introduction Cyber Essentials is a UK government-backed scheme and the recommended minimum baseline cyber security standard for organisations – it aims to protect organisations from the most common forms of internet-based attacks. One of the first steps in achieving Cyber Essentials is scoping – this defines what systems, devices, and networks are covered under the […]
NCSC Funded Cyber Essentials Programme: Helping UK Organisations Strengthen Cyber Security
Introduction Cyber threats are an ever-growing concern for businesses, charities, and professionals across the UK. Recognising the need for stronger cybersecurity, the National Cyber Security Centre (NCSC) launched a Funded Cyber Essentials Programme to help organisations enhance their cyber resilience. This government-backed initiative provides funded expert support to eligible organisations, offering 20 hours of consultancy […]
Cyber Essentials – Willow or Montpellier: What’s The Difference and Why Does It Matter?
Introduction In a world of ever-evolving cyber threats, achieving a robust cybersecurity posture is essential. One way for organisations to ensure their systems are protected from common forms of cyber attack is through the implementation of technical controls relating to the Cyber Essentials scheme. But what do references to ‘Willow’ and ‘Montpellier’ mean when it […]
