asds
banner

Blog

blog

P1C Friday Finds Round-Up: 25th December 2021 – 7th January 2022


A Cyber Essentials Update Is Coming On 24th January: Are You Ready?

Rapid digital transformation, mass adoption of cloud-based services and migration to home-working were necessary changes for businesses to survive the pandemic that’s held the world captive for the past two years. These dramatic changes over a short period of time presented cybercriminals with new opportunities for exploitation.

We’ve all been witness to burgeoning cybercrime that’s increasingly sophisticated and complex as malicious actors take advantage of the world being in a time of crisis. Businesses and governments have not only needed to change the way they work, but they have needed to also change their approach to cyber security to ensure they are adequately equipped to prevent and respond to multiplying attacks.

To meet the increasing level of threats head-on, the National Cyber Security Centre (NCSC) is planning to update the technical controls of its Cyber Essentials scheme on 24th January 2022. The upcoming updates reflect the necessary changes businesses and governments need to make to remain cyber secure in the face of cybercriminals which are becoming ever more sophisticated.

But, first, what is NCSC’s Cyber Essentials?

Cyber Essentials is a simple but effective, government-backed scheme that helps you to guard against the most common cyber threats and demonstrates to your customers and other businesses your commitment to cyber security. The requirements are specified under five technical control themes, which are: firewalls, secure configuration, user access control, malware protection and security update management.

Why is it changing?

To reflect the rapid digital transformation we’ve recently undergone, the NCSC in partnership with the Information Assurance for Small and Medium Enterprises Consortium (IASME), recently completed a major technical review of the scheme in response to the new cyber security challenges organisations now regularly face. This will be the biggest major update of the scheme’s technical controls since it was launched in 2014.

What are the updates?

The new revisions will help organisations maintain their basic cyber hygiene and continue to assure their customers and supply chain that effective security solutions are in place. In response to the evolving world around them, the new scheme will introduce changes to controls around cloud services, as well as home-working, multi-factor authentication, password management and security updates. With input from the NCSC’s and IASME’s technical experts, these updated controls will align Cyber Essentials closer to other initiatives and guidance.

Organisations will need to make changes to meet the new requirements such as, bringing home working devices but not routers into scope; using multi-factor authentication for access to cloud services; applying all high and critical updates within 14 days and removing unsupported software; and following guidance on backing up important data.

Two new tests have also been added: one to confirm account separation between user and administration accounts; the other to confirm multi-factor authentication is required for access to cloud services.

When will the changes come into effect?

Whilst the new version of the Cyber Essentials requirements will come into place for new assessment accounts from the 24th of January 2022, there’s no need to panic if your organisation is up for renewal before or after that date.

Any assessments already underway, or that begin before that date, will continue to use the current technical standard, meaning that in-progress certifications will not be affected. Come the 24th January 2022, these assessments will have six months to complete the new certification. The NCSC recognises that the updates will require extra effort from some organisations to comply, so a 12 month period of grace will be in place for some of the requirements.

And if your Cyber Essentials is up for renewal after the 24th of January 2022, then you might need to make a few changes to your cyber security solutions. Luckily, our expert cyber partners at Cyber Security Associates can help!

To find out where your business is currently at and what solutions you may need to upgrade or change, check out our cyber security solutions with Cyber Security Associates.

SOCIAL MEDIA

POST 1 LINKEDIN / FACEBOOK

Cyber Essentials is updating on the 24th of January. But, what is it? And, why does it matter?

Backed by the @National Cyber Security Centre, the simple but effective scheme helps you guard against the most common cyber threats and show your customers that you’re committed to cyber security – which is needed now more than ever!

Since cyber threats are ever-evolving, our cyber security solutions need to evolve, too. And, the Cyber Essentials updates aim to address just that.

Read our latest blog from our cyber experts at @Cyber Security Associates to get the low down: LINK

#CyberEssentials #CyberSecurity #Update

POST 1 TWITTER

Cyber Essentials is updating on the 24th of January. But, what is it? And, why does it matter?

Read our latest blog from our cyber experts at @CyberSecurityIS to get the low down: LINK

POST 2 LINKEDIN / FACEBOOK

Are you ready for the Cyber Essentials update on the 24th of January?

If not, don’t panic! Depending on whether your company is up for renewal before or after that date, here’s what you need to know:

➡️ Any companies with assessments already underway, or that begin before that date, will continue to use the current technical standard, meaning that in-progress certifications will not be affected. You’ll have six months to complete the new certification after the 24th of January.

➡️ Any companies up for renewal after the 24th of January will need to identify where they need to update their cyber security solutions to comply with the new requirements.

Luckily, our expert cyber partners at @Cyber Security Associates can help! Get in touch to find out how: LINK

#CyberEssentials #CyberSecurity #Update

POST 2 TWITTER

(1/3) Are you ready for the Cyber Essentials update on the 24th of January?

If not, don’t panic! Depending on whether your company is up for renewal before or after that date, here’s what you need to know:

(2/3) ➡️ Anyone with assessments already underway, or that begin before that date, will continue to use the current technical standard, so in-progress certifications won’t be affected. You’ll have six months to complete the new certification after the 24th of January.

(3/3) ➡️ Any companies up for renewal after the 24th of January will need to identify where they need to update their cyber security solutions to comply with the new requirements.

Luckily, our expert cyber partners at @CyberSecurityIS can help! LINK

POST 3 LINKEDIN / FACEBOOK

What do rapid digital transformation, mass adoption of cloud-based
services and migration to home-working all have in common?

They were necessary measures for many companies to cope with the global pandemic.

And, they were seen as new opportunities for cybercriminals to exploit.

To meet the increasing levels of cyber threats head-on, the @National Cyber Security Centre has updated the requirements of its Cyber Essentials scheme, which came into effect on the 24th of January. This means many companies will need to start thinking about making some upgrades to their cyber security solutions – yes, that means you!

Don’t worry, we’re here to help you figure it all out. Just get in touch: LINK

#CyberEssentials #CyberSecurity #Update

POST 3 TWITTER

On the 24th of Jan @NIST updated the requirements for Cyber Essentials. This means you’ll need to start thinking about making some upgrades to your cyber security solutions.

Don’t worry, we’re here to help you figure it all out. Just get in touch: LINK

AUTHOR
SPOTLIGHT

author img P1C Admin

Plus 1 Communications

Related Posts

P1C Monday Finds Round-Up: 15th - 29th July 2022

P1C Monday Finds Round-Up: 15th - 29th July 2022

2 August 2022 P1C Admin It’s been a busy few weeks for everyone at P1C! We have lots to share, so before
Read more
P1C Friday Finds Round-Up: 6th - 10th June 2022

P1C Friday Finds Round-Up: 6th - 10th June 2022

10 June 2022 P1C Admin Happy Friday! That was a long week, but we finally made it to the weekend. Since
Read more


CONTACT

Hi, my name is this is my email* phone number and I wanted to talk to you about

 yesBy checking this box, you agree to receive Plus1 Communications updates and offers via email. All subscribers must be over the age of 16. Recurring automated marketing messages will be sent to the email address provided. You can unsubscribe at any time.View Terms of Use and Privacy Policy.