First Seven Companies Certified to the Government’s Cyber Essentials Scheme

16th June 2014, LONDON, UK. A week after the government launched the Cyber
Essentials Scheme, seven small companies have already successfully achieved
certification to the scheme using the IASME on-line self assessment.
The UK Government’s Cyber Essentials Scheme focuses on the five most important
technical security controls. These controls were identified by the government as those
that, if they had been in place, would have stopped the majority of the successful cyber
attacks over the last few years.

IASME has worked closely with both the Department of Business, Innovation and Skills
and CESG to develop a Cyber Essentials assessment method that is affordable for small
companies and also reflects the complex way that many small businesses operate. All
the questions are free to download from the IASME website to allow companies to see
exactly what they have to put in place and work on becoming secure before paying for
the assessment.

The small companies which have already achieved certification through this scheme
recommend others to try it. “TeraByte IT under took the Cyber Essentials
certification though IASME and found that the process start to finish was simple and
easy to follow” said Marcus Dempsey, Managing Director of TeraByte IT Ltd “This
achievement benefits both our company and clients by showing that we keep our data
secure and provides that level of trust that this scheme provides.”

John Godwin, Head of Compliance and IA at Skyscape Cloud Services Ltd, agrees with
the assessment ease of use “As one of the first organisations to have successfully
completed the Cyber Essentials IASME assessment process, Skyscape found the online
information submission and subsequent independent review by the IASME assessor
to be straightforward and easy to understand. We would recommend all UK SMEs
assess how this new Scheme will help them to protect their businesses.”

Another early adopter, Nexor Ltd, highlighted the benefit of the review of controls even
when you have other security standards in place. Andrew Kays, Operations Director
explained “Security is paramount to Nexor and as a holder of ISO27001 we initially
questioned if Cyber Essentials would provide any additional benefit. However,
recognising the value of Cyber Essentials certification in the government supply chain,
we committed to achieving certification at the earliest opportunity. During the review we
identified several areas where there was scope for improvement in managing our
existing security controls, which showed the value of the scheme. The certification
process itself was simple and clear; and the self-certification process is very easy to
complete.”

More details, including a list of all the companies who have been certified by this
process, can be found at www.iasme.co.uk/cyberessentials and please let us know of
any questions through info@iasme.co.uk or 03300 882 752. More information about the
scheme can also be found at: https://www.cyberstreetwise.com/cyberessentials.
-ENDS

About IASME Consortium Ltd
The IASME Consortium Limited took forward a project to create a cyber security
standard suitable for small companies that was initially supported by the UK
Government’s Technology Strategy Board. IASME has developed a suit of assessment
and certifications for these small organisations to demonstrate their level of information
assurance. Based at the Wyche Innovation Centre in Malvern, the founders have many
years experience of cyber security accreditation and standards.
About CESG
CESG is the Information Security arm of GCHQ and is based in Cheltenham,
Gloucestershire, UK. It is the UK Government's National Technical Authority for IA,
responsible for enabling secure and trusted knowledge sharing to help its customers
achieve their business aims. CESG uses its deep technical expertise to provide its
customers with insights into information risks and mitigations, enabling customers to
reduce both the risks to, and impacts on, their information and information-based
systems.