Introduction
Perhaps you’ve read about the continued success of the Cyber Essentials scheme and want to benefit from being more resilient, informed, trusted, and competitive. You’re keen to opt-in for the free cyber insurance. But how close (or far away) is your organisation from meeting the requirements? You might have read the Cyber Essentials IT Requirements document and just need a little more help to understand the potential gaps.
If this sounds familiar, the Cyber Essentials Readiness Tool could be ideal for you – it’s a free resource from IASME (the delivery partner of the Cyber Essentials scheme), designed to support and educate. In this article, we help provide insight on the free cyber security resource – to highlight the benefits, explain how it works, who can use it, and how to get started.
Resource
IASME have developed a free (interactive) tool that helps you look within your organisation to gauge alignment with the technical controls associated with the Cyber Essentials scheme. By using the Readiness Tool, organisations can take steps to address weaknesses and move towards implementing protections from the most common forms of internet-based cyber attacks.
Benefits
- Free and to Use: IASME Readiness Tool is a free online resource, accessible to all organisations
- User Friendly: The resource is designed with non-technical users in mind, using easy-to-understand language and simple questions to guide users through the process
- Tailored Guidance: Based on the responses provided, it can produce a bespoke action plan, helping organisations towards Cyber Essentials certification
- Educational: The tool helps explain key concepts and the importance of implementing the technical controls
- Improved Security Posture: By following the actions created from the tool, organisations can enhance cyber security measures and reduce the risk of common cyber threat
How It Works
- Interactive: A set of simple questions, which drive responses, and provides information to support action
- Non-technical: The tool avoids technical jargon, which supports accessibility and ease of use
- Guidance documents: Throughout use of the resource, additional guidance is provided to help with understanding and applying the five technical controls
- Tailored Action Plan: A bespoke action plan is produced, based on the answers provided, outlining steps to implement the Cyber Essentials controls
- Save and Resume: Progress can be saved and returned to at a later date, so progress can be controlled and executed at a convenient pace
Who’s Eligible to Use It
IASME have made the Readiness Tool available to any-sized organisation – many organisations have already used the service, and many more can benefit too.
How to Get Started
- Visit the IASME website: https://getreadyforcyberessentials.iasme.co.uk
- Select ‘Get started now’: Select the green button relating to ‘Get started now’.
- Follow the Instructions: Use the guidance provided to answer the questions.
- Make Progress: Select ‘save and continue’ or ‘next’ as the questions are navigated. A percentage completion banner will also measure progress.
- Additional information: Select supporting links (at any time) to learn more about each topic.
- Action Items: Important actions are displayed, supporting each topic and providing further insight.
- Download PDF: When all the answers are complete, a tailored action plan will be available for download.
What’s in there
- Hardware or devices used by your organisation
- Software and firmware used by your organisation
- Firewalls
- Accessible services from the internet
- Cloud services
- Secure configurations
- Use of passwords
- Protection against malware
- User Accounts
- Backing up your data
How We Help
- At RB Consultancy Ltd – we support organisations in strengthening their cyber security posture
- NCSC Cyber Advisor certified – we’re proven to help organisations understand and implement technical controls
- NCSC Assured Service Provider – we meet the standards set by the National Cyber Security Centre (NCSC)
- IASME Assessor and Certification Body – we assess organisations and issue certificates for Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance
- Consultancy – with ISO 27001 Lead Implementer certification, we help organisations implement Information Security Management System (ISMS) and associated controls
Conclusion – how the IASME Readiness Tool can help organisations with Cyber Essentials
The IASME Cyber Essentials Readiness Tool is a free resource designed to help organisations prepare for Cyber Essentials certification. Developed by the UK Delivery Partner of the Cyber Essentials scheme, it guides users through a series of questions covering the five key technical controls.
When completing the questions within the tool, organisations can then choose to receive a tailored action plan that highlights areas for improvement and provides guidance to strengthen their cyber security posture. This can help simplify the certification process and boost confidence. The tool can be especially valuable for organisations looking for a starting point with Cyber Essentials.
RB Consultancy Ltd empowers organisations through cyber security. We can provide insight on how we use this service and the associated benefits. We also provide services to supplement this service and achieve certification. Contact Us for further information, advice, and guidance.
Information Sources
IASME Cyber Essentials Readiness Tool: https://getreadyforcyberessentials.iasme.co.uk/
Written by Remo Belisari, Managing Director of RB Consultancy Ltd, an experienced cyber security professional and cyber advisor. Remo holds certifications relating to CISSP, ISSAP, ISO 27001, Cyber Essentials, IASME Cyber Assurance, and has many years experience in IT and cyber security. Remo has a history of supporting organisations from all over the world – including a Fortune 500 in USA and over 100 organisations across the UK. The views expressed in this blog are those of the author and do not necessarily reflect the views of RB Consultancy Ltd, its clients, partners, or affiliated organisations. The content is intended for general information only and should not be taken as legal advice.