IASME and the National Cyber Security Centre have introduced an updated set of requirements for the Cyber Essentials certification scheme on the 24th January 2022. This update is set to be the biggest overhaul of the scheme’s technical controls since it was first launched in 2014.
The adoption of cloud services has massively increased due to the pandemic has grown over the past two years, with home/hybrid working now being adopted as the new normal for so many staff and businesses nationwide. As employees use their own devices and Internet routers for work, Cyber Essentials will now consider these during its assessment, this will also include revisions of; multi-factor authentication, security updates, password management, and cloud services.
This update aims to help businesses maintain basic cyber hygiene alongside this change in working behaviours, and provide reassurance for clients, managers and employees. Changes have been implemented thanks to a consultation provided by the Cloud Industry Forum and feedback from assessors and cyber essentials applicants.
What is Cyber Essentials?
Cyber Essentials is a simple and effective Government-backed scheme, supported by industry experts and the Cyber Resilience Centre through our Cyber Essentials Partner network.
The scheme helps you put measures in place to protect your organisation, regardless of size or sector, against a range of the most common cyber-attacks. This includes protecting against threats such as malware, ransomware and phishing.
How Does The New Update Work?
The new update for Cyber Essentials was officially released on 24th January 2022. Any applications that are processed before this date will continue to use the current standard requirements and will have six months to complete the assessment.
Any future Cyber Essentials assessments will now use the updated set of requirements, with a grace period of up to 12 months on select requirements for organisations who need to make adjustments and extra efforts.