With more and more of our data being held digitally, the threat of cybercrime is a major concern for organisations and business leaders. Cyber Essentials is a UK Government backed scheme that is designed to help organisations of all shapes and sizes demonstrate operational security against the most common types of cyber-attacks.

Cubik Innovation is committed to keeping our IT systems and data secure against online threats by implementing robust measures and we are delighted to have been awarded the Cyber Essentials Plus certification for a sixth year.

‍

Cyber Essentials

The first level certification, Cyber Essentials, focuses on threats that require a low level of attacker skill and are very basic in nature. Organisations are required to complete a self-assessment questionnaire addressing five core controls that encourage the adoption of good security practices to effectively minimise the risk of a security breach. The core controls include, user access control, secure configuration, security update management, firewalls and routers, and malware protection.

Achieving Cyber Essentials is a prerequisite for obtaining the Cyber Essentials Plus certification.

‍

Cyber Essentials Plus

The Cyber Essentials Plus certificate requires a remote and onsite technical audit of your IT systems to verify that the controls outlined in Cyber Essentials are in place and effective.

Achieving the accreditation involves a vigorous audit of your IT and security infrastructure by an external auditor to ensure that baseline security standards and controls have been implemented. This year, we welcomed cybersecurity experts, Secarma, who conducted a day of tests designed to breakthrough our security protocols via simulated hacks and attacks to ensure that our data is protected.

‍

Secarma’s expert assessor completed the following activities:

• External vulnerability scan of public facing IP’s.
• Internal vulnerability scan with credentials on a sample of end user devices and server.
• Account segregation tests on end user devices.
• Anti malware testing.
• Review of MFA implementation.

‍

The areas of vulnerability that Cyber Essentials Plus aims to assess include:

• Firewalls
• Secure configuration
• Security update management
• User access controls
• Password based authentication
• Malware protection

‍

Achieving the Cyber Essentials Plus certification demonstrates our ongoing commitment to cyber security, protecting our systems and our customers data. Speaking about the importance of Cyber Essentials Plus certification, Paul Mullen (Founder & Technical Consultant) said:

‍

“As a technology business we already implement a vast number of best practices and security measures to protect our digital assets and information. Ensuring we hold the Cyber Essentials and Cyber Essentials Plus certifications gives us and our customers the peace of mind that our security protocols are active and effective. It forms a critical part of the service that we provide and adds to our existing ISO 9001:2015 standards, to ensure we provide a safe and secure service.”

‍