Cyber Security Essentials
The Cyber Essentials scheme provides guidance to help organisations of all sizes to measure their defences against common forms of cyber-attacks. Selected by industry experts, the technical controls within the scheme reflect those covered in well-established standards. Cyber Essentials offers a sound foundation of basic hygiene measures that all types of organisations can implement and potentially build upon.
The Cyber Security Essentials scheme is aligned with the primary objective of the UK Government’s National Cyber Security Strategy to make the UK a safer place to conduct business online by building a vibrant, resilient and secure cyberspace by 2015.
From 1 October 2014, the Government requires all suppliers that are bidding for contracts that include the handling of certain sensitive and personal information to be certified against the Cyber Essentials scheme.
Who is it for
The Cyber Essentials test is recommended for organisations looking for a base level Cyber Security test where IT is a business enabler rather than a core deliverable. It is mainly applicable where IT systems are primarily based on Common-Off-The-Shelf (COTS) products rather than large, heavily customised, complex solutions. The aim of the testing is to identify opportunistically exploitable vulnerabilities within an organisation’s Internet facing infrastructure and user workstations that provide a high level of exposure to potential attackers with a low level of skill. This level of testing assumes no specific threats against an organisation need to be addressed and that the likely level of attack is the broad, untargeted style of unsophisticated attacks. This level of testing is specifically not suitable for organisations that may be the target of Advanced Persistent Threat (APT) style attacks.
Pentest offers a thorough, yet adaptive range of security services to help customers address vulnerabilities in their network or applications. Services include: Secure Coding Workshops, SAST tools, Manual Penetration Testing and Security Audits.
Pentest offers a complete Database Security Assessment Service (DSAS) to businesses that rely on the security of the information held within their databases or have concerns relating to the security compliance of these systems.