Evolution of Cyber Essentials Scheme
This news story has been archived
Read the post The Bare Essentials from the National Cyber Security Centre (NCSC) to get updates on its evolution that includes a move to a single cyber security delivery partner to take over running the scheme.
Consultation about the current scheme identified common messages:
- "the user journey to certification is perceived as complicated with different Accreditation Bodies operating the scheme in different ways
- organisations didn’t just want certification, they wanted to know who to turn to, for help in implementing the technical controls, maintaining them and responding when things go wrong
- for those looking for confidence in their supply chain, there was confusion about the scope of Cyber Essentials assessments and about the validity of certificates
- organisations are also consuming technology differently than 5 years ago, so people were unsure of how Cyber Essentials related to things such as cloud or shared office services
- finally, there was also an appetite to explore other “levels” of confidence outside of what we know today as Cyber Essentials and Cyber Essentials Plus."
NCSC have a set of FAQs on the Cyber Essentials website which aims to answer questions about the transition period. The next news will be once they have awarded a contract to the new Cyber Essentials partner.
Added: 2nd July 2019