Implementing cyber essentials
Ged Nicholson, Hartlepool College of FE
What is Cyber Essentials
The Cyber Essentials scheme has been developed by the UK Government and industry to fulfil two functions:
> It provides a clear statement of the basic controls all organisations should implement to mitigate the risk from common internet-based threats, within the context of the Government’s 10 Steps to Cyber Security.
> Through the Assurance Framework, it offers a mechanism for organisations to demonstrate to customers, investors, insurers and others that they have taken these essential precautions.
Five Key Controls
> Boundary firewalls & internet gateways
> Secure configuration
> Access control & administration privilege management
> Patch management
> Malware protection
Which option
> Self assessment questionnaire verified by certification body
> Verification carried out independently by a certification body
Where to go for help
cyberessentials.ncsc.gov.uk/
Accreditation Bodies
> Direct - Portal: CE £300; CE+ ?; 40 Questions
> 48 Suppliers: CE £300 +; CE+ £1250 +; 34 Questions; Vulnerability Scan Included
> 20 Companies: CE £250 +; CE+ £500 +; 35 Questions
> 4 Companies: ? ? ? ?
> Direct + 143 Suppliers: CE £300 or £400; CE+ Varies; 62 or 171 Questions; Bundle with IASME governance & GDPR assessments
cyberessentials.ncsc.gov.uk/getting-certified/
Steps to Certification
> Decide CE or CE+
> Select Certification Body through one of the Accreditation Bodies
> Verify that your IT is secure
> Write business scope
> Fill out Questionnaire
> Option – Arrange Vulnerability scan/Visit
> Buy picture frame and wait for Certificate
> Renew after one year
Our Experience
> Make sure you have the 5 key controls covered
> Review the questions before you start the process
> Take your time selecting accreditation and certification bodies
> Select which option is best for your needs, CE or CE+
> Getting the scope correct is vital, especially for CE+
> Be prepared to justify your answers and results
Limitations
Not designed for Education
Scheme not consistent
CE relies on the company's honesty
Is only a snapshot in time
Can be expensive for CE+
Is it worth the Time and Cost?
Good starting point for Cyber Security
Simple, straightforward and cost-effective certification process
Keeps management, auditors and insurers happy
Except where otherwise noted, this work is licensed under CC-BY-NC-ND.
Gerald Nicholson
IT manager
gerald.nicholson@hartlepoolfe.ac.uk
I have been…
Hartlepool College of Further Education, Stockton Street, Hartlepool, TS24 7NT
T 01429 404181
enquires@hartlepoolfe.ac.uk
www.hartlepoolfe.ac.uk
Any questions? /
Thank you
