Government launches cyber security certification for businesses

Badge of assurance
  • Anh Nguyen (Computerworld UK)
  • 12 April, 2014 03:05

The government has launched its Cyber Essentials scheme to provide "clarity to organisations on what good cyber security practice is" and to "set out the steps they need to follow to manage cyber risks".

Once organisations have been independently assessed against the best practice recommendations they can apply for the "Cyber Essentials award". The government said this will demonstrate to potential customers that businesses have achieved a certain level of cyber security, and that they take it seriously.

The new scheme is applicable to not only businesses, but also universities, charities and public bodies, said the government.

Universities and science minister David Willetts said: "Cyber Essentials is an easy to use and cost effective way to help businesses and the public sector protect themselves against the risks of operating online.

"Organisations will now be able to easily demonstrate they are 'cyber safe' - reassuring their clients, boosting confidence and profitability. I encourage all organisations to adopt it."

David Booth, managing director of the Information Assurance for SMEs (IASME) body, said: "We welcome this initiative, which fills an important gap in enabling organisations, particularly SMEs, to understand the most important technical aspects of cyber security protection. It fits nicely into IASME's wider governance approach to information assurance for small companies."

The scheme is being funded by the government through the National Cyber Security Programme. Organisations can self-assess themselves now, and from this summer will also be able to apply to be assessed and gain formal certification, leading to the award of a Cyber Essentials badge.

The scheme has been developed following consultation with the British Standards Institution (BSI), IASME, the Information Security Forum (ISF), as well as businesses and professional bodies.