UK test centre for Government’s cyber security rules
- Author:Ella Cai
- Release on:2017-07-05
The UK Government’s Cyber Essentials programme, which is designed to protect organisations from cyber security threats, is now mandatory for suppliers of Government contracts, which involve handling personal information, and providing ICT products and services.
tHE Cyber Essentials programme is also important for organisations taking the appropriate risk mitigation steps to comply with the new General Data Protection Regulation (GDPR).
Ewan Fisher
Ewan Fisher
Organisations in non-compliance with the GDPR after 25th May 2018 could face heavy fines of up to four per cent of annual global turnover in the event of a data breach.
Ewan Fisher, operations manager at Glasgow-based TÜV SÜD UK, writes:
“Cyber criminals target every size of organisation, both large and small. Cyber Essentials helps them to combat cyber attacks, the majority of which exploit basic IT system vulnerabilities.”
According to the Government’s Cyber Security Breaches Survey 2017: Just under half (46%) of all UK businesses identified at least one cyber security breach or attack in the last twelve months. This rises to two-thirds among medium firms (66%) and larger firms (68%).
The standard covers five key areas:
Secure configuration – security measures that are implemented when building and installing computers and network devices in order to reduce unnecessary vulnerabilities.
Boundary firewalls and internet gateways – provide a basic level of protection where a user connects to the Internet.
Access control and administrative privilege management – protects user accounts and helps to prevent misuse of privileged accounts.
Patch management – ensures that software on computers and network devices is up to date and capable of resisting low-level attacks.
TÜV SÜD United Kingdom has achieved Certified Body status for test and validation of IT systems.
tHE Cyber Essentials programme is also important for organisations taking the appropriate risk mitigation steps to comply with the new General Data Protection Regulation (GDPR).
Ewan Fisher
Ewan Fisher
Organisations in non-compliance with the GDPR after 25th May 2018 could face heavy fines of up to four per cent of annual global turnover in the event of a data breach.
Ewan Fisher, operations manager at Glasgow-based TÜV SÜD UK, writes:
“Cyber criminals target every size of organisation, both large and small. Cyber Essentials helps them to combat cyber attacks, the majority of which exploit basic IT system vulnerabilities.”
According to the Government’s Cyber Security Breaches Survey 2017: Just under half (46%) of all UK businesses identified at least one cyber security breach or attack in the last twelve months. This rises to two-thirds among medium firms (66%) and larger firms (68%).
The standard covers five key areas:
Secure configuration – security measures that are implemented when building and installing computers and network devices in order to reduce unnecessary vulnerabilities.
Boundary firewalls and internet gateways – provide a basic level of protection where a user connects to the Internet.
Access control and administrative privilege management – protects user accounts and helps to prevent misuse of privileged accounts.
Patch management – ensures that software on computers and network devices is up to date and capable of resisting low-level attacks.
Malware protection – protects against a broad range of malware (including computer viruses, worms, spyware, botnets and ransomware).