Data Driven Futures

NCSC looks to simplify Cyber Essentials

Written by Peter Walker
09/10/19

The National Cyber Security Centre (NCSC) has started a tender process as it prepares to hand over its Cyber Essentials scheme to one of the existing certification bodies.

It has appointed the IASME Consortium to run the search for an organisation to take on the five-year contract beginning in April 2020.

Cyber Essentials is the NCSC’s guidance and certification process aimed at helping public and private sector organisations guard against the most common cyber threats.

A statement explained that there has been a lack of consistency in the service and an unnecessarily complicated experience for those that use it. The appointment of IASME as a partner is aimed at simplifying the operation, providing a more streamlined path and ensuring that all the certification bodies are working to the same standard.

It will involve the introduction of a minimum criteria for certification and assessments, and an expiry date on certificates.

The two organisations have begun to work on a transition plan and IASME is contacting certification bodies to update them on what is needed after the change.

IASME chief executive Emma Philpott said: “We have seen such a positive effect already over the last five years where Cyber Essentials has increased the basic levels of security across all sectors.

“We are so pleased that we can be part of the future developments, working closely with the excellent certification bodies, trade bodies, police and other key stakeholders, to ensure further growth of the scheme.”