
Five Technical Controls of Cyber Essentials

Kate Watson

Marketing Assistant

Leveraging her extensive experience in the cyber industry and a talent for creative writing, our Marketing Assistant adeptly translates complex, technical cybersecurity concepts into compelling, informative content that not only engages you, the reader, but also underscores our authoritative position and expertise in the industry.

What is Cyber Essentials?

Cyber Essentials is a widely recognised certification that helps organisations demonstrate their commitment to cyber security and protect against common online threats. The certification provides a strong foundation in cyber security best practices, helping businesses improve their overall security posture and safeguard their sensitive data.

The purpose of Cyber Essentials is to ensure that organisations implement basic security measures to prevent and mitigate cyber attacks. By obtaining the certification, businesses showcase their dedication to cyber security and gain a competitive edge in the marketplace. It also helps organisations gain trust from customers, partners, and suppliers, who can be assured that their data and information are handled securely.

1. Firewalls

Firewalls play a crucial role in ensuring the security of devices connected to the internet, especially when accessing public or untrusted Wi-Fi networks. Configuring and using firewalls is essential for preventing unauthorised access and protecting sensitive data from potential cyber threats.

Boundary firewalls are implemented at the network's edge, acting as a barrier between the trusted internal network and the untrusted external network, such as the internet. They monitor incoming and outgoing traffic, filtering and blocking any unauthorised or malicious data packets. Personal firewalls, on the other hand, are software-based firewalls installed on individual devices. They provide an additional layer of defence by monitoring and controlling network connections and application access on the device itself.

Enabling a firewall on devices can be done either through the device's operating system settings or by installing third-party firewall software. Many operating systems, such as Windows and macOS, have built-in firewall features that can be easily enabled and configured. In the case of third-party firewall software, it is important to choose a reputable and trusted solution.

2. Secure Configuration

Secure configuration is a crucial aspect of maintaining the security of web and application servers. Improper configurations can lead to significant vulnerabilities that can be exploited by hackers, potentially compromising sensitive data and causing severe damage. Therefore, it is essential to implement routine practices to ensure that the servers are properly configured and protected.

One of the first steps is to review and eliminate unnecessary user accounts. Having numerous user accounts increases the attack surface and provides potential entry points for attackers. By regularly auditing and removing unnecessary accounts, the potential for unauthorised access is significantly reduced.

Another important practice is to remove unnecessary software. Unneeded software often contains known vulnerabilities, which attackers can exploit. Minimising the software footprint on servers reduces the overall attack surface, making it harder for hackers to find potential weaknesses.

Changing default or easily guessable account passwords is another vital step in secure configurations. Default passwords are widely known and easily exploited by hackers. By enforcing strong and unique passwords for all accounts, the risk of unauthorised access is mitigated.

Authentication plays a crucial role in secure configurations. It is important to authenticate users before granting Internet-based access to the server. This ensures that only authorised individuals can access the server and its resources.
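The account review described above can be scripted. The following is an added example, not part of the original article: it assumes a Linux server, reads text in `/etc/passwd` and `/etc/shadow` format, and compares login-capable accounts against an approved list. The sample data, the account names and the `APPROVED` set are constructed for illustration.

```python
NOLOGIN_SHELLS = {"/usr/sbin/nologin", "/sbin/nologin", "/bin/false"}
APPROVED = {"root", "deploy"}  # assumption: accounts the server owner has signed off

# Constructed sample data in /etc/passwd and /etc/shadow format.
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
www-data:x:33:33:www-data:/var/www:/usr/sbin/nologin
deploy:x:1001:1001:Deploy user:/home/deploy:/bin/bash
oldcontractor:x:1002:1002::/home/oldcontractor:/bin/bash
testuser:x:1003:1003::/home/testuser:/bin/sh
"""
SHADOW = """\
root:$6$constructed$hash:19700:0:99999:7:::
www-data:*:19000:0:99999:7:::
deploy:$6$constructed$hash:19720:0:99999:7:::
oldcontractor:!$6$constructed$hash:19100:0:99999:7:::
testuser::19500:0:99999:7:::
"""

def audit_accounts(passwd_text, shadow_text, approved):
    """Map account name -> list of findings for accounts that need attention."""
    pw_field = {}
    for line in shadow_text.splitlines():
        if line:
            name, pw = line.split(":")[:2]
            pw_field[name] = pw
    findings = {}
    for line in passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        name, shell = fields[0], fields[6]
        pw = pw_field.get(name, "*")  # no shadow entry: treat as locked
        issues = []
        if shell not in NOLOGIN_SHELLS and name not in approved:
            # "!" or "*" at the start of the shadow field means password login is disabled
            locked = pw.startswith(("!", "*"))
            issues.append("locked leftover account" if locked else "unapproved login account")
        if pw == "":
            issues.append("empty password field")
        if issues:
            findings[name] = issues
    return findings

if __name__ == "__main__":
    for account, issues in audit_accounts(PASSWD, SHADOW, APPROVED).items():
        print(account, "->", "; ".join(issues))
```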

3. Security Update Management

Security update management is crucial for maintaining the integrity and safety of computer systems. Regularly updating software is essential to protect against newly discovered vulnerabilities and to ensure that the latest security features are in place. Failing to keep up with security updates leaves systems exposed to potential breaches, data leaks, and malware attacks.

To effectively address security update management, several key practices should be followed. Firstly, organisations should regularly review and remove any old or unsupported software from their systems. Such software is more likely to have security vulnerabilities and may no longer receive updates from the vendor.

In addition, critical or high-risk updates should be applied within 14 days of release. These updates often address significant security flaws that could be exploited by attackers. Enabling automatic updates wherever possible can help ensure that updates are applied in a timely manner, reducing the risk of leaving systems vulnerable.

Furthermore, all software used should be properly licensed and supported. Unlicensed or unsupported software may not receive updates, leaving systems exposed to known vulnerabilities.
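The three practices above (remove unsupported software, apply critical or high-risk updates within 14 days, keep software licensed) can be checked against a software inventory. This is an added example, not part of the original article; the `Package` record, the host and package names and the dates are constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

PATCH_WINDOW_DAYS = 14  # window the text gives for critical or high-risk updates

@dataclass
class Package:
    host: str
    name: str
    supported: bool                          # vendor still ships updates
    licensed: bool
    pending_severity: Optional[str] = None   # severity of an unapplied update
    pending_released: Optional[date] = None  # vendor release date of that update

def audit(inventory, today):
    """Return (host, package, finding) tuples for every rule the inventory breaks."""
    findings = []
    for p in inventory:
        if not p.supported:
            findings.append((p.host, p.name, "unsupported"))
        if not p.licensed:
            findings.append((p.host, p.name, "unlicensed"))
        if p.pending_severity in ("critical", "high") and p.pending_released:
            age = (today - p.pending_released).days
            # Day 14 is still inside the window; day 15 onwards is overdue.
            if age > PATCH_WINDOW_DAYS:
                overdue = age - PATCH_WINDOW_DAYS
                findings.append((p.host, p.name,
                                 f"{p.pending_severity} update {overdue} days overdue"))
    return findings

# Constructed sample inventory.
SAMPLE = [
    Package("web01", "openssl", True, True, "critical", date(2024, 3, 1)),
    Package("web01", "nginx", True, True, "high", date(2024, 3, 6)),
    Package("db01", "legacy-cms", False, True),
    Package("ws07", "pdf-editor", True, False, "low", date(2024, 1, 10)),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE, date(2024, 3, 20)):
        print(*finding, sep="\t")
```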

4. User Access Control

User access control is a fundamental aspect of ensuring data safety and restricting unauthorised access to sensitive information. It plays a crucial role in maintaining the integrity, confidentiality, and availability of data in various organisations and systems.

The first type of access control, Role-Based Access Control (RBAC), is based on defining roles for different users and assigning permissions accordingly. This approach simplifies the management of user access by allowing administrators to allocate permissions based on specific roles, rather than individual users. RBAC ensures that users only have access to the resources and information necessary for their role, minimising the risk of unauthorised access.

Attribute-Based Access Control (ABAC) is a dynamic access control model that evaluates various attributes such as user attributes, resource attributes, contextual attributes, and environmental attributes to determine access. ABAC provides granular control over access permissions based on multiple attributes, allowing organisations to define more complex access policies and enforce them effectively.

Discretionary Access Control (DAC) is a type of access control where the owner of the resource has the authority to grant or revoke access permissions to other users. DAC is commonly used in personal computers and home networks, where user-controlled access is sufficient. However, it may not be suitable for environments with numerous users or a need for centralised control and accountability.

Mandatory Access Control (MAC) is a strict access control model that employs security labels and levels to control access. MAC is commonly used in highly secure environments such as government agencies and military systems. Access is granted based on predetermined rules and policies, with no discretion given to users or administrators.
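To see how the four models differ, the same request can be evaluated under each. This is an added example, not part of the original article; the users, the `ledger` resource, the role table, the labels and the ABAC rule are constructed, and the MAC check is a simplified "clearance at least equal to the label" rule.

```python
from dataclasses import dataclass, field

# Constructed policy data for the illustration.
ROLE_PERMS = {"finance": {("ledger", "read"), ("ledger", "write")},
              "auditor": {("ledger", "read")}}
LEVELS = {"public": 0, "internal": 1, "restricted": 2}

@dataclass
class User:
    name: str
    role: str
    department: str
    clearance: str

@dataclass
class Resource:
    name: str
    owner: str
    department: str
    label: str
    acl: dict = field(default_factory=dict)  # DAC entries: user name -> actions

def rbac(user, res, action):
    # Only the permissions attached to the user's role matter.
    return (res.name, action) in ROLE_PERMS.get(user.role, set())

def abac(user, res, action, ctx):
    # User, resource and environmental attributes are evaluated together.
    same_dept = user.department == res.department
    return same_dept and ctx["managed_device"] and (action == "read" or ctx["office_hours"])

def dac_grant(granter, res, grantee, action):
    # The owner alone decides who else gets access.
    if granter.name != res.owner:
        return False
    res.acl.setdefault(grantee.name, set()).add(action)
    return True

def dac(user, res, action):
    return user.name == res.owner or action in res.acl.get(user.name, set())

def mac(user, res, action):
    # Simplified label rule: clearance must be at least the resource label.
    return LEVELS[user.clearance] >= LEVELS[res.label]

def decide(user, res, action, ctx):
    return {"RBAC": rbac(user, res, action), "ABAC": abac(user, res, action, ctx),
            "DAC": dac(user, res, action), "MAC": mac(user, res, action)}
```

An auditor reading the ledger is allowed by the role table but refused by the attribute, ownership and label checks until the owner grants access, which changes only the DAC result.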

5. Malware Protection 

Malware protection is of utmost importance in today's digital world, where cyber threats continue to evolve and pose a significant risk to both individuals and organisations. Malware refers to malicious software designed to exploit vulnerabilities in computer systems to gain unauthorised access or disrupt normal operations.

One of the major risks associated with malware is the theft of confidential information. Malicious actors can use malware to steal personal information, such as bank account details, login credentials, or sensitive business data. This can lead to financial losses, identity theft, or even reputational damage.

Another risk is the blocking of access to files. Ransomware, a type of malware, encrypts files on a victim's computer and demands a ransom in exchange for the decryption key. This can result in the loss of important files or substantial financial losses if organisations are unable to restore access.

Implementing effective malware protection measures is crucial to addressing these risks. Firstly, individuals and organisations should invest in reliable anti-malware software. These programs can detect and remove various types of malware, providing real-time protection against cyber threats.

Blocking connections to malicious websites is another essential step. Malware is often distributed through infected websites or malicious links. By using web filtering tools or browser extensions, users can prevent access to known malicious websites, reducing the risk of infection.

Regularly updating software is also important in minimising the risk of malware. Software updates often include security patches that fix known vulnerabilities that can be exploited by malware. By staying up-to-date with the latest software versions, users can significantly reduce their exposure to cyber threats.

Conclusion 

In conclusion, implementing the five technical controls of Cyber Essentials (firewalls, secure configuration, security update management, user access control, and malware protection) is essential for enhancing cybersecurity resilience. These controls help organisations protect their sensitive data, prevent unauthorised access, and mitigate the risks associated with evolving cyber threats.

By incorporating these controls into their cybersecurity strategy, organisations can improve their overall security posture and reduce the likelihood of falling victim to cyber-attacks. It is important for both individuals and businesses to prioritise cybersecurity measures and stay informed about the latest threats and best practices to safeguard their digital assets effectively.

Remember, cybersecurity is a shared responsibility, and everyone has a role to play in protecting themselves and others from potential harm. By being proactive, vigilant, and informed, we can collectively work towards a more secure digital environment. Stay safe online and make cyber essentials a priority in your cybersecurity efforts.

Pentest People are a Cyber Essentials Certifying Body and can provide a consultancy service to help you at all stages of your Cyber Essentials accreditation journey. We offer a range of different package options based on your needs and company size, allowing bespoke options no matter what you require. Get in touch with us today.
