The Cyber Essentials program is a UK government certification program that shall help companies to gain understanding for the principles of cyber security. It includes, beneath several other measurement mechanics, an independent rating of the company-internal security controls to protect against internet threats. The main goal of the Cyber Essentials program lays in Great Britain’s National Cyber Security Strategy that aims on making the country to a dynamic, resilient and secure Cyberspace for online trade.
Therefore, the British government in cooperation with industry partners have developed the Cyber Essentials Scheme (CES), which meanwhile is the selected standard of the UK Ministry of Defence and the defence industry to ensure that all organisations that are working with the UK Ministry of Defence have basic cyber security activities. Since 1st October 2014, the earlier introduced CES is compulsory for suppliers.
The CES features two levels of certification: Cyber Essentials and Cyber Essentials Plus. The first level includes protection against a wide variety of the most common cyber attacks and is based upon a self-assessment for companies to review the most important IT security controls in their infrastructure. Afterwards, these answers are checked and verified by an external certification authority. The Plus certificate includes additional assurances by performing system test of implemented controls by an authorized third party certification authority. TESAT has undergone both tests and received the Cyber Essentials as well as the Cyber Essentials Plus certification.
Both certifications will be challenged in annually held audits. More information about both certifications can be found on the official website.