Say hello to automated compliance

What is Cyber Essentials?

The government’s Cyber Essentials scheme ensures basic cyber security measures are in place, preventing approximately 80% of cyber-attacks. The scheme is based on 5 controls and ensures that most vulnerabilities are secured.

Why just 5 controls?

The 5 specific controls give an organisation a high level of cyber security without an enterprise level cost.

  • 5 basic controls provide a simplified framework, unlike IS027001
  • Despite its simplicity, Cyber Essentials prevents or mitigates as much as 99.3% of attacks (University of Lancaster study)

Times are changing, attacks are changing

  • Cyber-attacks are evolving constantly
  • Traditional endpoint security is not enough
  • CE gives organisations a layered approach to security

Benefits of Cyber Essentials

Cyber Essentials helps prevent the majority of cyber-attacks. Even a simple virus or piece of malware could result in loss of company and client data, disrupt your cash flow, and waste time. Never mind the reputational damage a breach can cause. Loss of data could breach the Data Protection Act and lead to fines or prosecution.

Since 0ctober 2014, it has been mandatory to have a Cyber Essentials certification if you have any public sector or local authority contracts. Holding a Cyber Essentials badge enables you to bid for these contracts.

Cyber Essentials covers the technical baseline for devices for GDPR, PCI-DSS, HIPPA, IS027001 and others.

What is CyberSmart

CyberSmart is a platform that allows your clients to achieve Cyber Essential certification and maintain their compliance, easily and automatically.

The CyberSmart platform consists of two parts: a cloud-based dashboard and a device based application, that anyone, regardless of technical expertise or compliance fluency, can operate via the platform.

The cloud-based dashboard

The cloud-based dashboard is used to manage the compliance process. It allows the partner to add new organisations, check the compliance status of individual devices and allows organisations to get Cyber Essentials certified.

Tooltips, guides and live support ensure that anyone, regardless of technical expertise or compliance fluency, can operate the platform.

Device-based app

The CyberSmart app is deployed to all devices in the organisation. These apps periodically check and report on the compliance status of the device and give visibility on the organisational compliance level.

Continuous compliance

Once certified, CyberSmart ensures you maintain compliance with ongoing monitoring and regular reporting for you and your clients. Move from point-in-time to ongoing protection.

The Process

The platform is designed to assist organisations in achieving Cyber Essentials certification in the easiest and shortest time possible. The entire process can be divided into four parts:

Step 1: Identify

Scanning for vulnerabilities provides the capability to identify all Cyber Essentials weaknesses. The CyberSmart app automates the search for weaknesses in the organisation’s system, no prior technical knowledge is required.

Step 2: Fix

CyberSmart gives visibility on all compliance issues on devices, armed with this information, remediation is simplified. CyberSmart is written in plain English, using smart questions and offers step-by-step guides and live online support. The technology ensures good security practices stay in place after certification.

Step 3: Certify

Security is only one part of being compliant, it is equally important for organisations to demonstrate that cyber security is taken seriously and that their data is in safe hands. This builds trust and can limit liability in case of a breach. Once Cyber Essentials is achieved, the official Cyber Essentials badge is provided for use as well as a physical certificate.

Step 4: Protect

Compliance is not a once- in-a-while exercise but an ongoing process. CyberSmart quietly monitors and reports on organisational compliance allowing for the provision of real-time threat information and security updates. Annual ongoing support, £25K of free cyber-security insurance and live support is also included.