Cyber Security – Cyber Essentials

What are Cyber Essentials?

Cyber Essentials helps organisations show clients and different partners that the most vital and rudimentary Cyber Security controls are used.

After completion of a promise certificate, the organizations are issued Cyber Essentials and Cyber Essentials Plus certificates. So, Cyber Essential is a government-backed scheme that assists organizations in fighting against several common cyber attacks.

“There are several types of cyberattacks, but a significant number are very basic, carried out by amateurs. Some fundamental but vital practices can help companies avoid cybercrimes or attacks.”

An organisation can put in place five technical controls to guard against the threat of cyber attacks:

  1. Firewalls
  2. Secure configuration
  3. Access controls
  4. Malware protection
  5. Patch management


An organization should protect its Internet connection by creating a ‘buffer zone’ between it’s IT network and other, external networks. Also called a “firewall.”

Therefore, to determine whether or not to let traffic onto its network, the firewall examines incoming traffic.

✓ Types of firewall:

  1. A personal firewall for each laptop or computer. It comes as a standard.
  2. A dedicated firewall to protect the whole network. This involves a more complicated set up with many types of devices. A wide range of routers provides this ability.

Secure configuration:

For new software and devices to be accessed by users, manufacturers often set this as the default setup. This includes ‘everything on’ to enable seamless connectivity and usability. Unfortunately, these settings can also give cyberattackers an opportunity to easily gain unauthorized access to data.

  • Check the settings:

Settings of new software and devices must be checked.

  • Use passwords:

Laptops, tablets, desktop computers, and smartphones contain data. They often save the details of the online accounts. Passwords are an effective and easy way to prevent unauthorized users from accessing devices. A password should be hard for somebody else to guess. The default passwords are easy to guess. The use of pins or Touch-ID can also help secure a device.

  • Extra security:

For ‘important’ accounts, such as banking and IT administration, users should use two-factor authentication (2FA). An effective and common example of this involves a code sent to a smartphone which a user must enter in addition to his/her password.

Access control (Cyber essentials)

The staff accounts should just provide limited access to software, settings, online services, and device connectivity functions for staff members to perform their role. This minimizes the potential damage.

✓ Administrative accounts:

Check the user’s access to accounts. Administrative accounts are only for administrative functions. This reduces the chance of compromising the admin account. An attacker with access to the administrative account can be more damaging than one with access to a standard user account.

✓ Access to software:

Another simple way to ensure that devices are secure and malware-free is to only use software from official sources.

The easiest way to do this is to allow users to only install software from approved stores, that will be screening for malware. For mobile devices, this means sources such as the Apple App Store or Google Play.

Keep your devices and software up to date: (Cyber Essentials)

It is important that devices are kept up to date. This applies for both installed apps, software and operating systems. It is quick, free and easy. Also known as ‘patching’. Developers and software companies regularly update apps with new features and fix security vulnerabilities.

Applying these updates is essentials to improve Cybersecurity and reduce the risk of cyber-attack. All programs should be set for ‘automatically update’. As soon as the update is released then you will be protected.

Malware protection

There are various types of malware or ‘malicious software’. Ransomware is one of the malware that gained popularity recently. Ransomware makes data or systems unusable until the victim makes a payment.

An executable file, a website visit, a website advertisement, or opening a compromised attachment are all ways to transmit a virus. Once a virus infects the host, it can affect other system’s software or resources, disable main functions and applications, as well as copy, delete or encrypt data. Some viruses start reproducing as soon as they infect the host, while others remain dormant until a trigger enables the system or device to run dangerous code.

Malware protection measures are in all hardware. For instance, Windows has a Defender, and macOS has XProtect. All laptops and PCs contain malware. So, you can set ‘enable’ within settings to ensure that you are secure. Staying up to date with the latest updates ensures the safety of cell phones and tablets.

In addition to reducing the risk of cyberattacks, whitelisting can guard against malware introduction and execution risks. The procedure includes a manager making a list of uses permitted on a gadget. Therefore, it prevents user from misusing a gadget.

✓ Sandboxing

This involves creating confined execution (surrounding conditions). So, it limits or reduces, the level of access for the applications within a program and acts as a container.

✓ Conclusion and checklists

“An organization’s cybersecurity is good, when the above-mentioned control measures are put in place. An organization must also have a Cyber Essentials certificate as part of its cybersecurity strategy. An organization should also conduct a cyber secure audit to identify risks and receive a recommendation on the best course of action.”