From 1 October 2014, the UK government has made it mandatory that all suppliers bidding for certain sensitive and personal information handling contracts to be certified against the Cyber Essentials scheme.
The scheme’s five security controls apply to:
Boundary Firewall and Internet Gateway
There are two level of certification available: Cyber Essentials and Cyber Essentials Plus. A Cyber Essentials certification is awarded on the basis of a verified self-assessment and approved by a senior executive and verified by an independent Certification body. Cyber Essentials Plus offers a higher level of assurance through external testing of an organization’s cyber security approach.