Cyber Essentials Set for Major Update in 2022
The UK government’s best practice cybersecurity framework is set to undergo the “biggest overhaul” of its technical controls since it was introduced in 2014, the National Cyber Security Centre (NCSC) has warned.
Cyber Essentials offers a simple set of steps that organizations can sign-up to and be certified against to prevent the most common cyber-threats. It’s available in a basic self-assessment version and a Cyber Essentials Plus scheme requiring hands-on technical verification by a third-party.
It covers areas such as firewalls, secure configuration, access controls and malware protection.
The new version of the program’s technical requirements will be officially released on January 24 2022.
“Any assessments already underway, or that begin before that date, will continue to use the current technical standard, meaning that in-progress certifications will not be affected. Organizations using the current standard will have six months from January 24 to complete the assessment,” the NCSC said.
“All Cyber Essentials applications starting on or after January 24 will use the updated version of requirements. We recognize that some organizations may need to make extra efforts when assessed against the new standards, so there will be a grace period of up to 12