Evolution of Cyber Essentials Scheme
Read the post The Bare Essentials from the National Cyber Security Centre (NCSC) to get updates on its evolution that includes a move to a single cyber security delivery partner to take over running the scheme.
Consultation about the current scheme identified common messages:
- "the user journey to certification is perceived as complicated with different Accreditation Bodies operating the scheme in different ways
- organisations didn’t just want certification, they wanted to know who to turn to, for help in implementing the technical controls, maintaining them and responding when things go wrong
- for those looking for confidence in their supply chain, there was confusion about the scope of Cyber Essentials assessments and about the validity of certificates
- organisations are also consuming technology differently than 5 years ago, so people were unsure of how Cyber Essentials related to things such as cloud or shared office services
- finally, there was also an appetite to explore other “levels” of confidence outside of what we know today as Cyber Essentials and Cyber Essentials Plus."
NCSC have a set of FAQs on the Cyber Essentials website which aims to answer questions about the transition period. The next news will be once they have awarded a contract to the new Cyber Essentials partner.
Added: 2nd July 2019