IASME Cyber Assurance for 1 to 2 Person Organisations
Introduction You’re an organisation with 1 or 2 people and are looking for comprehensive cyber security protection, where do you go? Have you achieved Cyber Essentials and are looking for more? Are you considering ISO 27001 but think it’s too much for a micro organisation? This is where IASME Cyber Assurance comes in. It’s an […]
Beyond Cyber Essentials – IASME Cyber Assurance
Introduction With an ever increasing dependency on technology , information security is more critical than ever. Cyber Essentials can act as a great starting point for most organisations, but what’s next? In this blog, we explore how IASME Cyber Assurance goes beyond Cyber Essentials and can be a great step for organisations looking for […]
Cyber Essentials: Contractors
Introduction With cyber-related incidents making headlines daily, cyber security is an ever-increasing priority for organisations. Cyber Essentials is often a great place to start, with the implementation of just five technical controls proving to be highly effective in reducing risks against common cyber threats. However, a challenging question that often arises is how to consider […]
Cyber Essentials: Difference Between a Cyber Advisor and Assessor
Introduction Due to the proven effectiveness of the Cyber Essentials controls, the scheme continues to grow. Almost 50,000 certificates were issued between March 2024 and April 2025. But who issues these certificates, and what happens when organisations need support implementing the controls? This is where IASME Assessors and NCSC Cyber Advisors come into play. In […]
Cyber Essentials Plus: Fixing Windows Unquoted Service Path Vulnerability
Introduction As cyber threats continue to evolve, known weaknesses must be addressed quickly to avoid breaches, data loss, and ransomware attacks. Cyber Essentials Plus testing is aimed at identifying such weaknesses and can highlight configuration issues that should be fixed. One example of this is the “Windows unquoted/trusted service paths privilege escalation security issue” vulnerability […]
Cyber Essentials Plus: Account Separation
Introduction Cyber Essentials Plus (Level Two) is a technical audit that demonstrates protections are in place to guard against the most common forms of cyberattacks. Here, we focus on account separation checks, explaining why these tests are carried out, the benefits, what to expect, and how we help. Aim of Account Separation Testing […]
Cyber Essentials Plus: Multi-factor Authentication
Introduction Cyber Essentials Plus (Level Two) is a technical audit that demonstrates protections are in place to guard against the most common forms of cyberattacks. Here, we focus on multi-factor authentication and account separation checks, explaining why these tests are carried out, the benefits, what to expect, and how we help. Aim of […]
Cyber Essentials Plus: Malicious Software Protection
Introduction Cyber Essentials Plus (Level Two) involves tests to determine whether an internet-based attacker can hack into systems. This article focuses on the malicious software checks that are carried out via email and internet browsing. Here, we look into why these tests are done, the benefits, what to expect, and how we help. […]
Cyber Essentials: User Access Control
Introduction User access control is a fundamental aspect of Cyber Essentials, ensuring that only authorised individuals have access to sensitive systems and data. Effective access control measures significantly reduce the risk of data breaches and cyber attacks by limiting unnecessary exposure to critical information. In this article, we explore the importance of user access control, […]
Cyber Essentials: Security Updates
Introduction Keeping devices secure with vendor-provided updates is key for cyber security best practice. It helps prevent unauthorised access and helps keep devices safe from harm. Whether pursuing Cyber Essentials, Cyber Essentials Plus, or just looking to be secure, applying security updates is a crucial step. In this article, we explain why security updates are […]