Free Cyber Security Resource – Inside the Cyber Essentials Knowledge Hub
Introduction Maybe you’ve read about the continued success of the Cyber Essentials scheme and want to benefit from being more resilient, informed, trusted, and competitive. Perhaps you’re keen to achieve certification and opt in for the free cyber insurance. You be looking to learn more about the Cyber Essentials technical controls. If so, this […]
The Difference Between Cyber Essentials, Cyber Essentials Plus and IASME Cyber Assurance
Introduction With cyber security threats continuing to evolve and adapt at lightening pace, adequate protection of organisational data is essential. There are many ways for organisations to ensure systems and data are protected – these include the implementation of security measures and controls. Cyber Essentials, Cyber Essentials Plus, and IASME Cyber Assurance are aimed […]
Cyber Essentials: Contractors
Introduction With cyber-related incidents making headlines daily, cyber security is an ever-increasing priority for organisations. Cyber Essentials is often a great place to start, with the implementation of just five technical controls proving to be highly effective in reducing risks against common cyber threats. However, a challenging question that often arises is how to consider […]
Cyber Essentials: Free Cyber Liability Insurance
Introduction From phishing attacks to ransomware, threat actors constantly evolve their tactics. This leaves organisations vulnerable to operational, financial, and reputational damage. If you’re looking for a way to safeguard against these risks, the Cyber Essentials scheme offers a simple and effective solution. For added peace of mind, eligible organisations can opt in for […]
Cyber Essentials Plus: Vulnerability Assessments
Introduction Cyber Essentials Plus (Level Two) is a technical audit to demonstrate that protections are in place, guarding against common forms of cyberattacks. This article takes a deeper dive into the vulnerability assessments and patching checks. We shine a light on these to help show why that testing is carried out, the benefits, what to […]
Cyber Essentials Plus: Missing Security Patches
Introduction With the pace of technology accelerating, staying on top of security vulnerabilities is crucial for organisations of all sizes. Security updates are released on a regular basis, aimed at reducing risk and closing system weaknesses. Cyber criminals are constantly looking to exploit weaknesses for nefarious gain, so a holistic approach to applying security patches […]
Cyber Essentials Plus: Windows SMB Version 1 (SMBv1) Detected
Introduction With cyber threats constantly evolving, staying ahead of vulnerabilities is crucial. One significant, yet long-standing vulnerability relates to Windows Server Message Block Version 1 (SMBv1). This outdated protocol allows attackers to gain unauthorised access to systems, posing a serious risk to security. Cybercriminals can use this weakness to infiltrate your network, steal sensitive […]
Cyber Essentials Plus: WinVerifyTrust Vulnerability
Introduction With cyber based threats evolving at an unprecedented pace, one (long-standing) vulnerability that continues to demand attention is WinVerifyTrust. This allows cybercriminals to cause damage by installing malicious software in files and disguise it as a ‘trusted software update”. By addressing this flaw, unauthorised access can be prevented, along with data breaches and […]
Cyber Essentials Plus: What Does The Audit Involve?
Introduction Cyber Essentials Plus (Level Two) is a technical audit of IT systems. It’s based on the same technical requirements of Cyber Essentials (Level One) and is a way to verify the controls are in place and operating effectively. It can provide more assurance to organisations regarding the risks associated with internet-based threats. The […]
Cyber Essentials: Can ‘Out of Support’ Software be Used?
Introduction Technical debt and out of support software can be a challenge when considering Cyber Essentials certification. This summary demystifies the topic, with advice, explanation and an example – aimed to help and inform. In this article, we consider why technology may be a challenge to replace, urge organisations to plan for the replacement of […]