Cyber Essentials Readiness

So, you have a driver to achieve cyber essentials, great stuff. Now if you are a business of reasonable size and scale this activity requires a bit of planning, context and lots of access and data. This could be via a distributed team or via a dedicated project team. In this post I’m going to look at what you may need to conduct the planning, discovery, assessment, and certification for Cyber Essentials and/or CE+.

Defence

The Challenges of Cyber Essentials Audit and Compliance Activities

It’s “only” essential but it can be bloody difficult!
mRr3b00t

Cyber Essentials Areas

Cyber Essentials is a minimum baseline standard for ensuring foundational cyber security considerations and controls are in place. It’s a good starting point, but by no means should it be “THE GOAL” and just because it has “Essentials” in its name, don’t think it’s easy to comply with. Whilst the standard isn’t outlandish with its requirements in the main, the reality between technical capabilities and being able to discover, audit and remediate security configurations in organisations is often nowhere near as simple as someone may tell you. The news here is that the standard has been extended to include some wider areas.