5 things you need to know about Cyber Essentials

Find out everything you need to know about Cyber Essentials and Cyber Essentials Plus and why it's vital for the security of your business.

First off, what exactly is Cyber Essentials? Cyber Essentials is a UK government scheme, set up in 2014, to help businesses protect themselves from cyber security threats. It has been designed so that anyone, no matter what level of information security knowledge they have can implement it. Cyber Essentials is self-assessed against 5 set criteria and an online questionnaire. You can also get a Cyber Essentials Plus certification which requires external assessment, but both use the same 5 key controls.

We’re really passionate about making cyber security accessible to all organisations, so we’ve put together a list of 6 essential technical controls that if any organisation implements, they will have a reasonable level of cyber security. These are NGFW, Remote Access, SWG, EDR, Email Security and Vulnerability Management. These 6 technical controls will also help an organisation maintain compliance with Cyber Essentials.

First, let's look at each of the Cyber Essentials controls, each designed to cover the basics of information security and tell you why it’s important and what it all means for you and your business.

1. Firewalls – What are they and why do you need them?

You’ve likely already heard of firewalls, but you may not realise their importance. A firewall is really your first line of defence, preventing unapproved access to your network. It’s important that these are properly set up and to create a buffer zone between your network and the internet. Firewalls are not the same as anti-virus software (which we’ll cover later) they are instead more like the strong city walls built around your empire. You control the gateways and decide who to let in.

2. Secure device and software configuration – Don’t rely on manufacturer settings!

Most new devices come configured to be open and easy to connect. However, this also leaves them wide open to threats! Make sure you check all the settings and remove or disable any accounts or functions you don’t need. It is also highly recommended that you use unique passwords, PINs or biometric IDs to secure your devices where possible. Yes, we know it can be annoying trying to remember different passwords and PINs but trust us, dealing with a cyber-attack is worse.

3. User access – Who really needs what

As convenient as it might be to simply give everyone in the team the same level of access, this opens more routes for potential attacks. Instead, think about the level of access each employee needs to applications, online services, and device settings and connectivity to do their job. Giving admin access to only the people that really need it means you limit the chance of account misuse or theft.

4. Anti-Virus and malware protection – Essential for the security of your business

Anti-virus software has become pretty standard these days for both business and personal devices. However, it is absolutely vital that your business has complete and up-to-date protection. If firewalls are your city walls, then your anti-virus software is the army protecting them and the business inside. Ensuring you have the right and most up-to-date protection in the fight against viruses, malware and ransomware could be the difference between a business continuing as normal and a costly mistake. It is also worth considering the use of Endpoint Detection and Response (EDR) software. While your firewall and anti-virus are working to prevent external attacks, EDR is watching for threats already inside your walls, so you’ll have all angles covered.

5. Patch Management - If you thought potholes were bad!

Patch management is critical to a comprehensive cybersecurity strategy because it ensures that software vulnerabilities are promptly addressed and remediated. Software vulnerabilities are weaknesses or flaws that can be exploited by cybercriminals to gain unauthorised access to computer systems, steal data, or cause damage. Cybercriminals often use automated tools to scan for unpatched vulnerabilities, and once they find them, they can easily launch attacks. Patch management involves regularly updating software and operating systems to fix known vulnerabilities and improve security. Organisations risk exposing their systems to security breaches, data theft, and other cyber threats without patch management. Effective patch management can help organisations stay ahead of cybercriminals and protect their data and systems from potential attacks.

At Nomios we have long believed in these core principles of cyber security, but we believe there is far more to be done when it comes to protecting businesses. That’s why we created the Nomios Cyber Maturity Curve. For us, cyber security is a journey and one that is proactive in its approach.

The 6 key controls listed above form the foundation of our maturity curve and allow businesses to build solid defences, we believe that every business should have these controls in place as standard. The second stage is more adaptive and tailored to your business and its specific vulnerabilities. For example, if you run an e-commerce site you should have specific firewalls in place fit for this purpose. The third stage of the cure is wholly proactive. By this stage of your cyber security journey, you’re ready to have people specifically managing your security and actively working to find vulnerabilities in your business.

Let's take a quick look at the 6 vulnerabilities that constitute the essential phase of the Nomios Cyber maturity Curve.

Next-Generation Firewalls

Next-generation firewalls (NGFWs) are advanced security solutions designed to provide enhanced protection against modern cyber threats. Unlike traditional firewalls that only monitor and filter network traffic based on port and protocol, NGFWs also inspect the contents of the network packets to identify and block malicious traffic. NGFWs use advanced techniques such as deep packet inspection, intrusion prevention, application awareness, and sandboxing to detect and prevent cyber threats. NGFWs also provide advanced visibility and control over network traffic, allowing organisations to manage access to applications and services based on user identity, device type, and other criteria. NGFWs are essential for organisations that need to secure their networks against sophisticated cyber threats, prevent data breaches, and comply with regulatory requirements.

Remote Access

Remote access security is critical in today's world, where more people are working remotely and accessing company networks from outside the office. Remote access refers to the ability to connect to a company's network from a remote location, such as from home or on the go. While remote access provides flexibility and convenience, it also introduces security risks, as remote devices may not be as secure as office-based devices. Cybercriminals can exploit vulnerabilities in remote access technologies to gain unauthorised access to company networks, steal sensitive data, or install malware. Securing remote access requires implementing multi-factor authentication, encryption, and other security measures to protect remote connections and ensure that only authorised users can access company resources.

Secure Web Gateway

A secure web gateway (SWG) is a solution designed to protect organizations from web-based threats by filtering and blocking malicious traffic. SWGs inspect inbound and outbound web traffic, blocking access to malicious websites and preventing malware downloads. SWGs also provide granular control over web traffic, allowing organisations to manage access to web-based applications and services based on user identity, device type, and other criteria. SWGs use advanced techniques such as sandboxing, machine learning, and behaviour analysis to detect and block emerging threats in real-time. With the increasing use of cloud-based applications and services, SWGs have become essential for organisations to secure their web traffic and protect against web-based threats.

Endpoint Detection and Response (EDR)

Endpoint detection and response (EDR) is a cybersecurity solution that detects and responds to advanced threats targeting endpoints, such as workstations, laptops, and servers. EDR solutions use advanced technologies such as machine learning and behavioural analysis to detect and prevent malware, ransomware, and other threats that can bypass traditional endpoint security solutions. EDR solutions can also investigate and remediate security incidents in real-time, providing organisations with advanced threat-hunting capabilities. EDR solutions provide organisations with visibility into endpoint activities, allowing them to monitor and manage endpoints across their network. With the increasing sophistication of cyber threats, EDR has become an essential component of a comprehensive cybersecurity strategy to protect endpoints and prevent data breaches.

Email Security

Inbox or Pandora's box? Email security is crucial for defending against malicious cyber attacks, as email remains a primary attack vector for cybercriminals. Phishing scams, malware distribution, ransomware, and targeted attacks often originate from seemingly innocuous emails. Implementing robust email security measures prevents unauthorised access to sensitive data, financial losses, and reputational damage. An effective solution filters spam, scans attachments for malicious content, and detects phishing attempts. Additionally, email security helps maintain regulatory compliance by safeguarding personal and confidential information through encryption and data loss prevention (DLP) mechanisms. In an era of ever-evolving cyber threats, email security is essential to a holistic cybersecurity strategy, protecting businesses and their valuable assets.

Vulnerability Management

Vulnerability management is a cybersecurity practice that involves identifying, assessing, and mitigating security vulnerabilities in an organisation's IT environment. Vulnerabilities can be introduced by outdated software, unpatched systems, misconfigured settings, and other factors. A vulnerability management program typically involves regularly scanning IT systems for vulnerabilities, prioritising vulnerabilities based on their severity and impact, and remediating them in a timely manner. Effective vulnerability management helps organisations reduce their attack surface and protect against cyber threats such as malware, ransomware, and data breaches. By proactively managing vulnerabilities, organisations can reduce their risk of a security incident and ensure the confidentiality, integrity, and availability of their data and systems.

If you want to learn more about the Nomios Cyber Maturity Curve and how we can help your business on this journey, get in touch today to talk to our expert team.